This is my error:
java.security.AccessControlException: access denied ("java.io.FilePermission" "C:\Temp\SettingsApp.policy" "read")
This is my policy (dynamically made for each app)
grant signedBy "SmartMirror" {
permission java.lang.RuntimePermission "setSecurityManager";
permission java.lang.RuntimePermission "getSecurityManager";
permission java.lang.RuntimePermission "createSecurityManager";
permission java.lang.RuntimePermission "usePolicy";
};
grant signedBy "currentUser" codeBase "file:/C:/Temp/SettingsApp.jar" {
permission java.io.FilePermission "C:/Temp/SettingsApp.policy", "read";
};
This is how I am setting the policy and using the security manager:
System.setSecurityManager(null); // reset so can reload new policy
System.setProperty("java.security.policy", "file:/C:/Temp/" + app.getName() + ".policy");
System.setSecurityManager(new SecurityManager()); // instance with new policy
JPanel panel = (JPanel) app.getObject().newInstance(); // instance Class <?>
The jar file is being loaded like so and works fine:
try {
appLoader = URLClassLoader.newInstance(new URL[] { download }); // download is a URL of the C:/Temp/SettingsApp.jar
appBuilder = appLoader.loadClass("iezon.app." + name); // name is SettingsApp
} catch (ClassNotFoundException e) {
// TODO: Add class not found error for Application (App Developer issue)
}
When the JPanel panel = (JPanel) app.getObject().newInstance(); is first run, it works fine and the JPanel is returned. However, if I try to run it for a second time, I get the error.
This is where I am receiving the error:
if (!app.policyIsAgreedTo()) {
if(readPolicy(app).get(0).equalsIgnoreCase("grant {")) {
app.setPolicy(true);
} else {
throw new Exception("App policy has not been agreed to.");
}
}
Which then results in reading the file because by default, this file contains line by line policies it wants to request which then gets rewritten into a real policy:
public ArrayList<String> readPolicy(App app) {
String line = null;
try {
ArrayList<String> builder = new ArrayList<String>();
FileReader fileReader = new FileReader("C:/Temp/" + app.getName() + ".policy");
BufferedReader bufferedReader = new BufferedReader(fileReader);
while ((line = bufferedReader.readLine()) != null) {
builder.add(line);
}
bufferedReader.close();
return builder;
} catch (IOException ex) {
ex.printStackTrace();
return new ArrayList<String>();
}
}
public static void createPolicy(ArrayList<String> policies, App app) {
try {
FileWriter fileWriter =
new FileWriter("C:/Temp/" + app.getName() + ".policy");
BufferedWriter bufferedWriter =
new BufferedWriter(fileWriter);
bufferedWriter.write("grant signedBy \"SmartMirror\" {");
bufferedWriter.newLine();
bufferedWriter.write(" permission java.lang.RuntimePermission \"setSecurityManager\";");
bufferedWriter.newLine();
bufferedWriter.write(" permission java.lang.RuntimePermission \"getSecurityManager\";");
bufferedWriter.newLine();
bufferedWriter.write(" permission java.lang.RuntimePermission \"createSecurityManager\";");
bufferedWriter.newLine();
bufferedWriter.write(" permission java.lang.RuntimePermission \"usePolicy\";");
bufferedWriter.newLine();
bufferedWriter.write("};");
bufferedWriter.newLine();
bufferedWriter.newLine();
bufferedWriter.write("grant signedBy \"" + Init.usrController.getCurrentUser().getFname() + Init.usrController.getCurrentUser().getLname() + "\" codeBase \"file:/C:/Temp/" + app.getName() + ".jar\" {");
bufferedWriter.newLine();
for(String policy : policies) {
bufferedWriter.write(" permission java.lang.RuntimePermission \"" + policy + "\";");
bufferedWriter.newLine();
}
bufferedWriter.write(" permission java.io.FilePermission \"C:/Temp/" + app.getName() + ".policy\", \"read\";");
bufferedWriter.newLine();
bufferedWriter.write("};");
bufferedWriter.close();
} catch(IOException ex) {
ex.printStackTrace();
}
}