Security

Applications that use JRIO and run under a Security Manager are started with, for example, the following command:

java -Djava.security.manager <application-name>

All accesses to files and directories of the supported file systems are initially rejected by the Security Manager. Access is granted only to files in the UFS directory that contains the loaded class.

When handled by the Security Manager, UFS files are subject to the same mechanism in JRIO as offered by java.io. The special features of the DMS file system are therefore described below.

To allow an application to access certain files and directories of the DMS file system under the Security Manager, appropriate permissions must first be granted in a policy file. The mechanism for selecting the valid policy file is no different from the usual method in Java; in particular, the policy file can also be specified directly:

java -Djava.security.manager
     -Djava.security.policy=<policy-file> <application>

JRIO features two new permissions that can be granted in the policy file:

com.fujitsu.ts.jrio.DMS.FilePermission

com.fujitsu.ts.java.bs2000.SystemInfoPermission

You can make entries in the policy file using the policytool or any normal editor. In this manual, the entries are shown as if they were made using an editor.

Note that the policy file must be available in UTF-8 encoding.

File permission

com.fujitsu.ts.jrio.DMS.FilePermission controls access to files and directories. The syntax of an entry in the policy file is as follows:

grant [codeBase ... | signedBy ...] {
     permission com.fujitsu.ts.jrio.DMS.FilePermission 
     "file-identifier" , "action-list";
};

The file identifier is either a valid BS2000 directory name or a valid BS2000 file name with or without catalog ID and/or user ID, i.e. a catalog ID (in the format ":catid:"), a user ID (in the format "$userid.") or a combination of the two (in the format ":catid:$userid."). The last character of the file name may be “*”. Access permission then relates to all files whose name begins with the string preceding “*”. In this case, it need only be possible to complete the name part preceding the “*” to form a valid file name. For catalog and user IDs you can also use “:*:” or “$*.” to grant access for all catalog IDs or all user IDs. The abbreviation “$.” for the default system ID is permitted but not the abbreviation “$file” for “$.file”. Refer to the section "File names in the DMS file system".

If no user ID is explicitly specified, permission relates to files under the user ID of the caller (who need not be known by name to the application). If no catalog ID is specified, permission relates to files of the default catalog ID of the corresponding user ID. The string <<ALL FILES>> permits access to all files and directories. Further details are provided in the shipped JAVADOC documentation for the com.fujitsu.ts.jrio.DMS.FilePermission class.

The action-list is a comma-separated list of the permitted read, write and delete actions for the file. If permission to perform the action is not granted for this file or directory, any access attempt is rejected with a SecurityException. This also applies to information functions such as list() or listFiles() that require read permission for the underlying directory.

SystemInfo permission

Within JRIO, com.fujitsu.ts.java.bs2000.SystemInfoPermission is used to control which information on the DMS file system the application is allowed to obtain. The syntax is:

grant [codeBase ... | signedBy ...] {
     permission com.fujitsu.ts.java.bs2000.SystemInfoPermission
     "Name";
};

Name is a value formed from HomePubset, UserName, UserPubset, DefaultUserName, DefaultUserPubset and ForeignUserPubset or the string <<ALL INFO>> with which permission is granted for all named data. If the permission is granted, the application is allowed to determine the corresponding catalog and user IDs via the getCanonicalPath(), getCanonicalFile(), getAbsolutePath() and getAbsoluteFile() interfaces of the RecordFile class. Otherwise, any attempt is rejected with a SecurityException. The names beginning with User... relate to the ID of the caller, the names beginning with Default... to the default system ID, and the names beginning with Foreign... to all foreign user IDs. Permission relates only to the interfaces that provide access to the corresponding file names when completed, but not to actual access to the files under these catalog or user IDs.

Example

An application is granted access to the file named HUGO under the ID of the caller although the application does not have permission to determine the ID of the caller:


grant [codeBase ... | signedBy ...] {
     permission com.fujitsu.ts.jrio.DMS.FilePermission 
     "Hugo", "read, write";
};

This setting allows the file to be opened, read and written. However, completing the file name with, for example, getCanonicalPath(...) is not permitted.
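
The following review script is an added example, not part of the JRIO documentation or product. It scans a policy file for the two JRIO permissions and reports entries that use the broad forms described above (<<ALL FILES>>, <<ALL INFO>>, ":*:", "$*." and a trailing "*"). Which grants count as worth reporting is a reviewer's assumption, and the sample policy is constructed.

```python
import re

FILE_PERM = "com.fujitsu.ts.jrio.DMS.FilePermission"
INFO_PERM = "com.fujitsu.ts.java.bs2000.SystemInfoPermission"

# permission <class> "name" [, "action-list"];  (an entry may span lines, as on the page)
ENTRY = re.compile(
    r'permission\s+(' + re.escape(FILE_PERM) + '|' + re.escape(INFO_PERM) + r')\s+'
    r'"([^"]*)"\s*(?:,\s*"([^"]*)")?\s*;')

def audit_policy(text):
    """Return (target, reason) pairs for grants a reviewer should justify."""
    # Drop /* */ and // comments so commented-out entries are not reported.
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    text = re.sub(r'//[^\n]*', '', text)
    findings = []
    for cls, name, actions in ENTRY.findall(text):
        name = name.strip()
        if cls == INFO_PERM:
            if name == "<<ALL INFO>>":
                findings.append((name, "all catalog and user ID information"))
            continue
        acts = {a.strip().lower() for a in actions.split(",") if a.strip()}
        if name == "<<ALL FILES>>":
            findings.append((name, "every file and directory"))
        if ":*:" in name:
            findings.append((name, "any catalog ID"))
        if "$*." in name:
            findings.append((name, "any user ID"))
        # A trailing "*" covers every file whose name starts with the prefix.
        wide = name == "<<ALL FILES>>" or name.endswith("*")
        if wide and acts & {"write", "delete"}:
            findings.append((name, "write/delete on more than one file"))
    return findings

# Constructed sample policy (file names are invented for illustration).
SAMPLE_POLICY = """
grant {
    permission com.fujitsu.ts.jrio.DMS.FilePermission
    "Hugo", "read, write";
    permission com.fujitsu.ts.jrio.DMS.FilePermission ":*:$*.PAY*", "read,delete";
    permission com.fujitsu.ts.jrio.DMS.FilePermission "<<ALL FILES>>", "read";
    // permission com.fujitsu.ts.jrio.DMS.FilePermission "<<ALL FILES>>", "delete";
    permission com.fujitsu.ts.java.bs2000.SystemInfoPermission "UserName";
    permission com.fujitsu.ts.java.bs2000.SystemInfoPermission "<<ALL INFO>>";
};
"""

if __name__ == "__main__":
    for target, reason in audit_policy(SAMPLE_POLICY):
        print(f"{target!r}: {reason}")
```

The narrowly scoped "Hugo" and "UserName" entries produce no findings; only the wildcard and <<ALL ...>> grants are listed.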