473,396 Members | 1,599 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > java > questions > permission problems when trying to execute simple system command

Join Bytes to post your question to a community of 473,396 software developers and data experts.

Permission problems when trying to execute simple system command

Hi, I am quite new to JSP so please forgive me if I ask really simple things... I am trying to run system commands on the server and display the output on a webpage. This is what I've got:


Expand|Select|Wrap|Line Numbers
  1. <%@ page import="java.io.*" %>
  2. <HTML>
  3. <BODY>
  4. <%
  5.     Runtime rt = Runtime.getRuntime();
  6.  
  7. Process p = rt.exec("/bin/ls");
  8.  
  9. // for reading the output of the program
  10. // (out of the program is in for us)
  11. BufferedReader sOut = new BufferedReader(new
  12.         InputStreamReader(p.getInputStream()));
  13.  
  14. // read the output
  15. String line;
  16. while ((line = sOut.readLine()) != null)
  17. {
  18.         out.println("line<BR/>");
  19. }
  20.  
  21. %>
  22. </BODY>
  23. </HTML>

However, when I run this, I get the following:



description The server encountered an internal error () that prevented it from fulfilling this request.

exception

org.apache.jasper.JasperException: Exception in JSP: /research/test.jsp:7

4: <%
5: Runtime rt = Runtime.getRuntime();
6:
7: Process p = rt.exec("/bin/ls");
8:
9: // for reading the output of the program
10: // (out of the program is in for us)


Stacktrace:
org.apache.jasper.servlet.JspServletWrapper.handle JspException(JspServletWrapper.java:451)
org.apache.jasper.servlet.JspServletWrapper.servic e(JspServletWrapper.java:373)
org.apache.jasper.servlet.JspServlet.serviceJspFil e(JspServlet.java:329)
org.apache.jasper.servlet.JspServlet.service(JspSe rvlet.java:265)
javax.servlet.http.HttpServlet.service(HttpServlet .java:802)
sun.reflect.GeneratedMethodAccessor63.invoke(Unkno wn Source)
sun.reflect.DelegatingMethodAccessorImpl.invoke(De legatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:597)
org.apache.catalina.security.SecurityUtil$1.run(Se curityUtil.java:244)
java.security.AccessController.doPrivileged(Native Method)
javax.security.auth.Subject.doAsPrivileged(Subject .java:517)
org.apache.catalina.security.SecurityUtil.execute( SecurityUtil.java:276)
org.apache.catalina.security.SecurityUtil.doAsPriv ilege(SecurityUtil.java:162)

root cause

java.security.AccessControlException: access denied (java.io.FilePermission /bin/ls execute)
java.security.AccessControlContext.checkPermission (AccessControlContext.java:323)
java.security.AccessController.checkPermission(Acc essController.java:546)
java.lang.SecurityManager.checkPermission(Security Manager.java:532)
java.lang.SecurityManager.checkExec(SecurityManage r.java:779)
java.lang.ProcessBuilder.start(ProcessBuilder.java :447)
java.lang.Runtime.exec(Runtime.java:593)
java.lang.Runtime.exec(Runtime.java:431)
java.lang.Runtime.exec(Runtime.java:328)
org.apache.jsp.research.test_jsp._jspService(test_ jsp.java:49)
org.apache.jasper.runtime.HttpJspBase.service(Http JspBase.java:98)
javax.servlet.http.HttpServlet.service(HttpServlet .java:802)
org.apache.jasper.servlet.JspServletWrapper.servic e(JspServletWrapper.java:331)
org.apache.jasper.servlet.JspServlet.serviceJspFil e(JspServlet.java:329)
org.apache.jasper.servlet.JspServlet.service(JspSe rvlet.java:265)
javax.servlet.http.HttpServlet.service(HttpServlet .java:802)
sun.reflect.GeneratedMethodAccessor63.invoke(Unkno wn Source)
sun.reflect.DelegatingMethodAccessorImpl.invoke(De legatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:597)
org.apache.catalina.security.SecurityUtil$1.run(Se curityUtil.java:244)
java.security.AccessController.doPrivileged(Native Method)
javax.security.auth.Subject.doAsPrivileged(Subject .java:517)
org.apache.catalina.security.SecurityUtil.execute( SecurityUtil.java:276)
org.apache.catalina.security.SecurityUtil.doAsPriv ilege(SecurityUtil.java:162)





Seems like it has something to do with the permissions granted to the JVM? I have googled high and low and still haven't found a way to solve it. I've also tried adding
Expand|Select|Wrap|Line Numbers
  1. grant { permission java.io.FilePermission "file:/bin/ls", "execute"; }
to my java.policy file but to no avail. Could somebody point out how to solve this? Thanks!
Jan 13 '09 #1
5 7032
JosAH
11,448 Expert 8TB
If you were allowed to do what you want to do you can, say, execute the command "rm -rf /". You don't want to be able to do that and that's why the installed SecurityManager forbids you to do that. Be grateful.

kind regards,

Jos
Jan 13 '09 #2
Thanks for your reply. That sounds very logical but I'm sure its still something that many people wish there was a way to do. OK, eventually my goal is to be able to execute a Perl script and grab its output. Is there any way I can make the security manager grant access to a particular script etc?
Jan 13 '09 #3
JosAH
11,448 Expert 8TB
@sayeo87
You have to (re)configure your (web)server and make it install another SecurityManager (or no manager at all) if possible. The manager itself is a breeze:

Expand|Select|Wrap|Line Numbers
  1. import java.security.Permission;
  2.  
  3. public class MySecurityManager extends SecurityManager {
  4.  
  5.     public MySecurityManager() { }
  6.  
  7.     /* allow everything: */
  8.     public void checkPermission(Permission perm) { }
  9.     public void checkPermission(Permission perm, Object context) { }
  10. }
  11.  
kind regards,

Jos
Jan 13 '09 #4
OK, I'm using a Tomcat webserver and the security manager was not turned on. What else could be blocking access then?
Jan 14 '09 #5
JosAH
11,448 Expert 8TB
Well, something forbid you to do your ugly deed (check if there's a SecurityManager installed; I bet there is). What does your catalina.policy file say?

kind regards,

Jos
Jan 14 '09 #6

Sign in to post your reply or Sign up for a free account.

Similar topics

9
permission denied - fopen
by: bird | last post by:
What can cause the PHP code fopen("filename","a") to fail with permission denied message as below? ------------------ Warning: fopen(filename): failed to open stream: Permission denied in...
PHP
2
Problems with System.Diagnostics.Process class
by: Joey Mack | last post by:
Greetings. I am trying to use the System.Diagnostics.Process class to perform some actions through the Windows command line. The applicable code appears below. The code builds the follow command...
C# / C Sharp
2
Permission denied error 2nd Post
by: Taishi | last post by:
New user of SQL Everything is on the same machine My error is close to the bottom After reading it today, I can see there is a problem with 2 dbases 'PUBS' and 'Master' There are also some...
ASP.NET
0
Show stopper problem!! Parser Error Message: Execute permission cannot be acquired
by: David Berman | last post by:
Hello, I'm receiving an error reading the machine.config file when I try to access my web application. This error came out of nowhere. After searching many sites, googelizing and searching here,...
ASP.NET
0
"Local Activation permission" Problem when trying to access application
by: ElGordo | last post by:
I have a routine which opens a command shell and runs an executable. This all worked fine until recently, and I noticed that each time the statement is run, an event is logged in the event viewer...
ASP.NET
0
Problem accessing Local Activation Permission for Application
by: ElGordo | last post by:
I have a .Net application which includes a function to open a command shell and run an executable (for a file extraction program, 7zip). I can run the same exact command line manually with no...
ASP.NET
0
Problems with the Process.Start()
by: Sergistm | last post by:
Hello World, :D I have a problem that it is making me crazy, I hope you can help me. I'm trying to execute a .exe file with the Procces.Start, and there is no problem when the file is on my...
C# / C Sharp
0
Problems wrapping pathman.exe Resource Kit tool
by: =?Utf-8?B?bWVzdGVyYWs=?= | last post by:
I have attempted to use some simple code to wrap execution of the pathman.exe utility released with the Windows Resource Toolkit 2k3. The goal is to update the PATH variable as needed. I have...
.NET Framework
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!