列出已签名小程序的本地目录

发布于 2024-07-23 05:04:40 字数 3520 浏览 2 评论 0 原文

以下小程序被编译并打包到 jar 中，然后使用自签名证书进行签名。

import java.applet.Applet;
import java.io.File;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;

public class Test extends Applet {
        private static final long serialVersionUID = -3127185193501384816L;

        private final class DirectoryLister implements PrivilegedAction<File[]> {
                private final String attachmentsFolder;

                private DirectoryLister(String attachmentsFolder) {
                        this.attachmentsFolder = attachmentsFolder;
                }

                public File[] run() {
                        return new File(attachmentsFolder).listFiles();
                }
        }

        public File[] getFiles() throws PrivilegedActionException {
                String attachmentsFolder = getParameter("attachmentsFolder");

                if (attachmentsFolder != null) {
                        return AccessController.doPrivileged(new DirectoryLister(
                                        attachmentsFolder));
                }

                return null;
        }
}

Applet 实例化如下：

<applet id="applet"
    code="Test"
    archive="applet.jar">
    <param name="attachmentsFolder"
        value="c:/test" />
</applet>

Applet 使用如下：

var files = applet.getFiles();

for (var file in files) {
    // Do something to file.
}

ff。遇到错误：

java.security.PrivilegedActionException: java.lang.reflect.InvocationTargetException
        at java.security.AccessController.doPrivileged(Native Method)
        at sun.plugin.liveconnect.SecureInvocation$2.run(Unknown Source)
        at java.security.AccessController.doPrivileged(Native Method)
        at sun.plugin.liveconnect.SecureInvocation.CallMethod(Unknown Source)
Caused by: java.lang.reflect.InvocationTargetException
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
        at java.lang.reflect.Method.invoke(Unknown Source)
        at sun.plugin.javascript.JSInvoke.invoke(Unknown Source)
        at sun.reflect.GeneratedMethodAccessor1.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
        at java.lang.reflect.Method.invoke(Unknown Source)
        at sun.plugin.javascript.JSClassLoader.invoke(Unknown Source)
        at sun.plugin.liveconnect.PrivilegedCallMethodAction.run(Unknown Source)
        ... 4 more
Caused by: java.security.AccessControlException: access denied (java.io.FilePermission c:\test read)
        at java.security.AccessControlContext.checkPermission(Unknown Source)
        at java.security.AccessController.checkPermission(Unknown Source)
        at java.lang.SecurityManager.checkPermission(Unknown Source)
        at java.lang.SecurityManager.checkRead(Unknown Source)
        at java.io.File.list(Unknown Source)
        at java.io.File.listFiles(Unknown Source)
        at Test$DirectoryLister.run(Test.java:20)
        at Test$DirectoryLister.run(Test.java:1)
        at java.security.AccessController.doPrivileged(Native Method)
        at Test.getFiles(Test.java:28)
        ... 14 more

这导致我询问是否仍然需要在 Java 主目录中的配置文件之一中显式授予权限才能读取 c:/test？如果是这样，有人能给我指点如何执行此操作的指南吗？

原文

The following applet is compiled and packed into jar which is then signed with a self-signed cert.

import java.applet.Applet;
import java.io.File;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;

public class Test extends Applet {
        private static final long serialVersionUID = -3127185193501384816L;

        private final class DirectoryLister implements PrivilegedAction<File[]> {
                private final String attachmentsFolder;

                private DirectoryLister(String attachmentsFolder) {
                        this.attachmentsFolder = attachmentsFolder;
                }

                public File[] run() {
                        return new File(attachmentsFolder).listFiles();
                }
        }

        public File[] getFiles() throws PrivilegedActionException {
                String attachmentsFolder = getParameter("attachmentsFolder");

                if (attachmentsFolder != null) {
                        return AccessController.doPrivileged(new DirectoryLister(
                                        attachmentsFolder));
                }

                return null;
        }
}

Applet is instantiated as follows:

<applet id="applet"
    code="Test"
    archive="applet.jar">
    <param name="attachmentsFolder"
        value="c:/test" />
</applet>

Applet is used as follows:

var files = applet.getFiles();

for (var file in files) {
    // Do something to file.
}

The ff. error is encountered:

java.security.PrivilegedActionException: java.lang.reflect.InvocationTargetException
        at java.security.AccessController.doPrivileged(Native Method)
        at sun.plugin.liveconnect.SecureInvocation$2.run(Unknown Source)
        at java.security.AccessController.doPrivileged(Native Method)
        at sun.plugin.liveconnect.SecureInvocation.CallMethod(Unknown Source)
Caused by: java.lang.reflect.InvocationTargetException
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
        at java.lang.reflect.Method.invoke(Unknown Source)
        at sun.plugin.javascript.JSInvoke.invoke(Unknown Source)
        at sun.reflect.GeneratedMethodAccessor1.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
        at java.lang.reflect.Method.invoke(Unknown Source)
        at sun.plugin.javascript.JSClassLoader.invoke(Unknown Source)
        at sun.plugin.liveconnect.PrivilegedCallMethodAction.run(Unknown Source)
        ... 4 more
Caused by: java.security.AccessControlException: access denied (java.io.FilePermission c:\test read)
        at java.security.AccessControlContext.checkPermission(Unknown Source)
        at java.security.AccessController.checkPermission(Unknown Source)
        at java.lang.SecurityManager.checkPermission(Unknown Source)
        at java.lang.SecurityManager.checkRead(Unknown Source)
        at java.io.File.list(Unknown Source)
        at java.io.File.listFiles(Unknown Source)
        at Test$DirectoryLister.run(Test.java:20)
        at Test$DirectoryLister.run(Test.java:1)
        at java.security.AccessController.doPrivileged(Native Method)
        at Test.getFiles(Test.java:28)
        ... 14 more

Which leads me to ask if I still need to explicitly grant perms in one of the config files in the Java home directory to read c:/test? If so, can anyone point me to a guide on how to do this?

分享到QQ

分享到微博