Unix permissions in Java

Discussion in 'Java' started by frank, Aug 19, 2005.

  1. frank

    frank Guest

    i am going to explain this as best i can.
    we are running on a UNIX system.
    my question i think concerns the Java runtime exec. (or maybe Java
    itself).

    INFO: In unix all users have a default login group. In unix you can
    create additional UNIX groups and assign users to these groups. to help
    explain the problem say we have 3 users.
    user1 default login group is 1234
    user2 default login group is 1234
    user3 default login group is 1122
    in unix if i set permissions on a file for group execute , anybody in
    the same login group as me can execute this file.
    so only user1 and user2 can execute. user3 permission denied.
    i create a unix group called project1 and assign user1 user2 and user3
    to this group.
    now if i go back to the file and use the unix command: chgrp project1
    it assigns the group project1 to the file. now anybody in project1 can
    execute the file,
    now user1 user2 and user3 can extecute this file. this is all ok in
    unix. everything works as expected.
    heres the problem.
    in Java executing a runtime exec command , using the same file with the
    project1 for the group,only user1 and user2 can execute. user3 gets
    permission denied. i need to give world access for user3 to execute.
    what i suspect is somehow Java honors the group permissions but doesn't
    know about created unix groups, so it uses the login groups to
    determine who is in a group.
    can anybody verify this is true. (if it is it is a big security flaw.
    people use unix groups to also deny access).
    if not can anybody tell me what is going on?
    thanks. i hope i explained this ok.
    frank, Aug 19, 2005
    #1
    1. Advertising

  2. frank

    Joan Guest

    "frank" <> wrote in message
    news:...
    >i am going to explain this as best i can.
    > we are running on a UNIX system.
    > my question i think concerns the Java runtime exec. (or maybe
    > Java
    > itself).
    >
    > INFO: In unix all users have a default login group. In unix you
    > can
    > create additional UNIX groups and assign users to these groups.
    > to help
    > explain the problem say we have 3 users.
    > user1 default login group is 1234
    > user2 default login group is 1234
    > user3 default login group is 1122
    > in unix if i set permissions on a file for group execute ,
    > anybody in
    > the same login group as me can execute this file.
    > so only user1 and user2 can execute. user3 permission denied.
    > i create a unix group called project1 and assign user1 user2
    > and user3
    > to this group.
    > now if i go back to the file and use the unix command: chgrp
    > project1
    > it assigns the group project1 to the file. now anybody in
    > project1 can
    > execute the file,
    > now user1 user2 and user3 can extecute this file. this is all
    > ok in
    > unix. everything works as expected.
    > heres the problem.
    > in Java executing a runtime exec command , using the same file
    > with the
    > project1 for the group,only user1 and user2 can execute. user3
    > gets
    > permission denied. i need to give world access for user3 to
    > execute.
    > what i suspect is somehow Java honors the group permissions but
    > doesn't
    > know about created unix groups, so it uses the login groups to
    > determine who is in a group.
    > can anybody verify this is true. (if it is it is a big security
    > flaw.
    > people use unix groups to also deny access).
    > if not can anybody tell me what is going on?
    > thanks. i hope i explained this ok.
    >


    Too many words you speak, but did you check out the permissions
    on
    the path?
    Joan, Aug 19, 2005
    #2
    1. Advertising

  3. frank schrieb:
    > i am going to explain this as best i can.
    > we are running on a UNIX system.
    > my question i think concerns the Java runtime exec. (or maybe Java
    > itself).


    Perhaps it's bug 4052517...

    Bye
    Michael
    Michael Rauscher, Aug 19, 2005
    #3
  4. frank

    Joan Guest

    Joan, Aug 20, 2005
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Scott Allen
    Replies:
    0
    Views:
    426
    Scott Allen
    Jul 13, 2004
  2. Replies:
    12
    Views:
    1,613
    Dave Thompson
    Jan 10, 2005
  3. Curt K
    Replies:
    0
    Views:
    553
    Curt K
    Nov 3, 2006
  4. Simon Strandgaard
    Replies:
    2
    Views:
    141
    Simon Strandgaard
    Sep 11, 2003
  5. Vikram Sharma
    Replies:
    2
    Views:
    154
    Vikram Sharma
    Dec 1, 2008
Loading...

Share This Page