| Lists: | pljava-dev |
|---|
| From: | dgovoni at metadapt(dot)com (dgovoni at metadapt(dot)com) |
|---|---|
| To: | |
| Subject: | [Pljava-dev] How to configure security manager? |
| Date: | 2005-10-29 20:28:11 |
| Message-ID: | 200510291628.11350.dgovoni@metadapt.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Lists: | pljava-dev |
Hi Thomas,
Kind thanks for the response. Yeah, I tried both 'java' and 'javaU'
installing as user 'postgres' under linux. Should I do so as root? I also
tried changing the java.security policy for the jvm in the library path to
grant 'all permission' (as a long shot) with same result. I removed and
reinstalled said jars. I'm sure I'm missing something, but will keep trying.
Regards,
Darren
| From: | thomas at tada(dot)se (Thomas Hallgren) |
|---|---|
| To: | |
| Subject: | [Pljava-dev] How to configure security manager? |
| Date: | 2005-10-29 22:52:34 |
| Message-ID: | 4363FD32.70702@tada.se |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Lists: | pljava-dev |
dgovoni at metadapt.com wrote:
> Hi Thomas,
> Kind thanks for the response. Yeah, I tried both 'java' and 'javaU'
> installing as user 'postgres' under linux. Should I do so as root? I also
> tried changing the java.security policy for the jvm in the library path to
> grant 'all permission' (as a long shot) with same result. I removed and
> reinstalled said jars. I'm sure I'm missing something, but will keep trying.
>
Sorry. I got confused when you said you wanted to use files and sockets.
Now I see that you are getting a security exception while attempting to
set a system property that begins with the string 'java.'. Those
properties are not allowed to change even in untrusted mode since that
would blow a hole in the rest of the security scheme. What property are
you trying to set in the class initializer of rath.msnm.util.TWN that
starts with 'java.'?
Regards,
Thomas Hallgren
| From: | dgovoni at metadapt(dot)com (dgovoni at metadapt(dot)com) |
|---|---|
| To: | |
| Subject: | [Pljava-dev] How to configure security manager? |
| Date: | 2005-10-30 00:59:34 |
| Message-ID: | 200510292059.34139.dgovoni@metadapt.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Lists: | pljava-dev |
Apparently the third-party code I'm using is trying to do this:
java.security.Security.addProvider(
new com.sun.net.ssl.internal.ssl.Provider());
System.setProperty( "java.protocol.handler.pkgs",
"com.sun.net.ssl.internal.www.protocol" );
It's necessary to open https URL connections. Essentially, what I'm trying to
do is write a trigger that relays data inserted into a table to a MSN instant
message account. This is the only place it tries to set a system property. Is
there a way I can set system properties from the postgres.conf file or pljava
such that the JVM the trigger is running in will see them?
Darren
On Saturday 29 October 2005 18:52, Thomas Hallgren wrote:
> dgovoni at metadapt.com wrote:
> > Hi Thomas,
> > Kind thanks for the response. Yeah, I tried both 'java' and 'javaU'
> > installing as user 'postgres' under linux. Should I do so as root? I also
> > tried changing the java.security policy for the jvm in the library path
> > to grant 'all permission' (as a long shot) with same result. I removed
> > and reinstalled said jars. I'm sure I'm missing something, but will keep
> > trying.
>
> Sorry. I got confused when you said you wanted to use files and sockets.
> Now I see that you are getting a security exception while attempting to
> set a system property that begins with the string 'java.'. Those
> properties are not allowed to change even in untrusted mode since that
> would blow a hole in the rest of the security scheme. What property are
> you trying to set in the class initializer of rath.msnm.util.TWN that
> starts with 'java.'?
>
> Regards,
> Thomas Hallgren
| From: | thomas at tada(dot)se (Thomas Hallgren) |
|---|---|
| To: | |
| Subject: | [Pljava-dev] How to configure security manager? |
| Date: | 2005-10-30 07:39:29 |
| Message-ID: | 436478B1.1060407@tada.se |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Lists: | pljava-dev |
OK, I'll have to fix that. I'll submit a patch soon. And yes, you can
use the pljava.vmoptions = '-Dxxx=yyy' to set system properties. If you
have the source and can compile, you can also remove the 'else if'
statement that surrounds the line where the exception is generated
(assertPermission in Backend.java line 153).
Regards,
Thomas Hallgen
dgovoni at metadapt.com wrote:
> Apparently the third-party code I'm using is trying to do this:
>
> java.security.Security.addProvider(
> new com.sun.net.ssl.internal.ssl.Provider());
> System.setProperty( "java.protocol.handler.pkgs",
> "com.sun.net.ssl.internal.www.protocol" );
>
> It's necessary to open https URL connections. Essentially, what I'm trying to
> do is write a trigger that relays data inserted into a table to a MSN instant
> message account. This is the only place it tries to set a system property. Is
> there a way I can set system properties from the postgres.conf file or pljava
> such that the JVM the trigger is running in will see them?
>
> Darren
>
> On Saturday 29 October 2005 18:52, Thomas Hallgren wrote:
>
>> dgovoni at metadapt.com wrote:
>>
>>> Hi Thomas,
>>> Kind thanks for the response. Yeah, I tried both 'java' and 'javaU'
>>> installing as user 'postgres' under linux. Should I do so as root? I also
>>> tried changing the java.security policy for the jvm in the library path
>>> to grant 'all permission' (as a long shot) with same result. I removed
>>> and reinstalled said jars. I'm sure I'm missing something, but will keep
>>> trying.
>>>
>> Sorry. I got confused when you said you wanted to use files and sockets.
>> Now I see that you are getting a security exception while attempting to
>> set a system property that begins with the string 'java.'. Those
>> properties are not allowed to change even in untrusted mode since that
>> would blow a hole in the rest of the security scheme. What property are
>> you trying to set in the class initializer of rath.msnm.util.TWN that
>> starts with 'java.'?
>>
>> Regards,
>> Thomas Hallgren
>>