
What is a simple Java security policy for restricting file writes to a single directory?


The students in my beginning Java class are beginning to learn about file I/O, and one of their projects involves deleting and renaming files. I can think of dozens of ways this can go wrong.

Therefore, it would be useful to use Java's security framework to restrict their programs from renaming, deleting, or writing over files that are not contained in a specific directory. Reading outside the directory is fine, and the policy doesn't need to be super-bulletproof -- this is more about preventing accidental damage than protecting against maliciousness on the part of my students.

However, I haven't done any real Java work outside the domain of programming courses at school, so I don't know how to write or activate policy files. What is a simple policy file I can use to achieve this, and how would I activate it when running my students' code?


Solution

  • Here is a dirt simple policy file that you can use for restricting file writes to a certain directory.

    // Code loaded from the sandbox directory and its subdirectories ("-") gets:
    grant codeBase "file:/some/root/path/sandbox/-" {
        // "*" matches files directly in the current working directory (not recursive)
        permission java.io.FilePermission "*", "read";
        // files directly under /tmp may be read, written (rename needs write on
        // both names) and deleted (File.delete() checks the "delete" action)
        permission java.io.FilePermission "/tmp/*", "read,write,delete";
    };
    

    It assumes you will be staging and launching your code from /some/root/path/sandbox, and that you will be granting write permission only to the /tmp folder. You can add additional read and write permissions as required. To invoke, launch your code with the following command line:

    java -Djava.security.manager -Djava.security.policy=student.policy YourClassName

    This presumes you stored the policy in a file called student.policy, in the same folder you are launching the code from.
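As an added example (not part of the original answer), here is a small probe class that exercises each operation the students' project needs under that policy and reports which ones the SecurityManager denies. The class name, the probe file names and the use of the home directory as an "outside" location are assumptions; compile it in the sandbox directory and launch it with the command line above.

```java
import java.io.File;
import java.io.FileWriter;
import java.io.IOException;

// Assumed name; any class launched from the sandbox codeBase will do.
public class PolicyProbe {

    // Run one file operation and report whether the policy allowed it.
    static void probe(String label, Runnable op) {
        try {
            op.run();
            System.out.println("ALLOWED  " + label);
        } catch (SecurityException e) {
            // Thrown by the SecurityManager when no granted FilePermission matches.
            System.out.println("DENIED   " + label + " -> " + e.getMessage());
        } catch (RuntimeException e) {
            System.out.println("ERROR    " + label + " -> " + e);
        }
    }

    static void write(File f) {
        try (FileWriter w = new FileWriter(f)) {
            w.write("probe\n");
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    public static void main(String[] args) {
        File inTmp = new File("/tmp/probe.txt");          // constructed sample paths
        File renamed = new File("/tmp/probe-renamed.txt");
        File outside = new File(System.getProperty("user.home"), "probe.txt");

        probe("write " + inTmp, () -> write(inTmp));                       // needs write on /tmp/*
        probe("rename " + inTmp + " -> " + renamed, () -> {               // needs write on both names
            if (!inTmp.renameTo(renamed)) throw new RuntimeException("renameTo returned false");
        });
        probe("delete " + renamed, () -> {                                // needs the "delete" action
            if (!renamed.delete()) throw new RuntimeException("delete returned false");
        });
        // "*" grants read only in the working directory, so this is DENIED unless
        // the read grant is widened (e.g. to "<<ALL FILES>>", "read").
        probe("read " + outside, () -> outside.exists());
        probe("write " + outside, () -> write(outside));                  // expected: DENIED
    }
}
```

The SecurityManager this relies on was deprecated for removal in Java 17 (JEP 411) and is permanently disabled from JDK 24 (JEP 486), so this approach only works on JDK 8 through 23.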