File permissions for a given user

Discussion in 'Java' started by Chris, Apr 19, 2005.

  1. Chris

    Chris Guest

    How can I check whether a given user has certain permissions on a certain
    file (say, read access)? The user may not be the same one that started the
    JVM.
    Chris, Apr 19, 2005
    #1
    1. Advertising

  2. Chris

    enrique Guest

    Can you clarify more on how this Java app gets started, and how other
    people (none of whom started the app) interact with it?
    enrique, Apr 20, 2005
    #2
    1. Advertising

  3. Chris

    Chris Guest

    > Can you clarify more on how this Java app gets started, and how other
    > people (none of whom started the app) interact with it?


    It's a webapp, running in a J2EE server. Users log in. The app decides
    whether they can see certain files or not. It has to check with the
    operating system to see if they have read access to the files before it
    gives them up.
    Chris, Apr 21, 2005
    #3
  4. Chris

    Betty Guest

    "Chris" <anon> wrote in message
    news:4266f711$0$5813$...
    > > Can you clarify more on how this Java app gets started, and how other
    > > people (none of whom started the app) interact with it?

    >
    > It's a webapp, running in a J2EE server. Users log in. The app decides
    > whether they can see certain files or not. It has to check with the
    > operating system to see if they have read access to the files before it
    > gives them up.
    >

    Why don't you just let them try to access the files and if they
    are not worthy there will be an error you can handle gracefully.
    Betty, Apr 21, 2005
    #4
  5. Chris

    Chris Guest

    > > > Can you clarify more on how this Java app gets started, and how other
    > > > people (none of whom started the app) interact with it?

    > >
    > > It's a webapp, running in a J2EE server. Users log in. The app decides
    > > whether they can see certain files or not. It has to check with the
    > > operating system to see if they have read access to the files before it
    > > gives them up.
    > >

    > Why don't you just let them try to access the files and if they
    > are not worthy there will be an error you can handle gracefully.
    >


    This would work, except we're not allowed to show them that the files exist
    at all. A user should not get a directory listing for a directory they don't
    have rights to.
    Chris, Apr 21, 2005
    #5
  6. Chris wrote:
    > This would work, except we're not allowed to show them that the files exist
    > at all. A user should not get a directory listing for a directory they don't
    > have rights to.


    Such a layer of protection should be handled by the operating system,
    not the application. It is trivial to circumvent such application-level
    filtering - by using another application, e.g. a simple file browser.
    Security by obscurity is not a good idea.

    /Thomas

    --
    The comp.lang.java.gui FAQ:
    ftp://ftp.cs.uu.nl/pub/NEWS.ANSWERS/computer-lang/java/gui/faq
    Thomas Weidenfeller, Apr 22, 2005
    #6
  7. Chris

    enrique Guest

    I would just give each user their own shell account. Skip the web
    thing. If these files aren't even web pages, why go through the
    trouble of presenting them from a web application?
    enrique, Apr 25, 2005
    #7
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Chris
    Replies:
    0
    Views:
    292
    Chris
    Apr 19, 2005
  2. Lord0
    Replies:
    1
    Views:
    551
    Thomas Weidenfeller
    Apr 19, 2006
  3. Curt K
    Replies:
    0
    Views:
    554
    Curt K
    Nov 3, 2006
  4. chiara
    Replies:
    6
    Views:
    457
    Barry Schwarz
    Oct 6, 2005
  5. 2Barter.net
    Replies:
    0
    Views:
    356
    2Barter.net
    Dec 13, 2006
Loading...

Share This Page