Help get this topic noticed by sharing it on Twitter, Facebook, or email.

Apparent fault with policy file


I'm having difficulty in implementing the following code. It comes from Appendix A of Java Security by Scott Oaks (1st edition).

When I run it, the data file can be read or written to whoever signed it. In other words, the clause 'signedBy "sdo"' seems to be ignored.

It looks like the code is only paying attention to the fact that there's no 'signedBy' clause before the curly brackets.

The code is:

grant codeBase "" {
permission "${/}tmp${/}-", "read";
permission "${/}tmp${/}-",
"read, write, delete", signedBy "sdo";

I'd be very grateful for your assistance.

Thank you.

Ron Wates
1 person has
this question