By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
440,564 Members | 1,081 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 440,564 IT Pros & Developers. It's quick & easy.

Permission problems when trying to execute simple system command

P: 5
Hi, I am quite new to JSP so please forgive me if I ask really simple things... I am trying to run system commands on the server and display the output on a webpage. This is what I've got:


Expand|Select|Wrap|Line Numbers
  1. <%@ page import="java.io.*" %>
  2. <HTML>
  3. <BODY>
  4. <%
  5.     Runtime rt = Runtime.getRuntime();
  6.  
  7. Process p = rt.exec("/bin/ls");
  8.  
  9. // for reading the output of the program
  10. // (out of the program is in for us)
  11. BufferedReader sOut = new BufferedReader(new
  12.         InputStreamReader(p.getInputStream()));
  13.  
  14. // read the output
  15. String line;
  16. while ((line = sOut.readLine()) != null)
  17. {
  18.         out.println("line<BR/>");
  19. }
  20.  
  21. %>
  22. </BODY>
  23. </HTML>

However, when I run this, I get the following:



description The server encountered an internal error () that prevented it from fulfilling this request.

exception

org.apache.jasper.JasperException: Exception in JSP: /research/test.jsp:7

4: <%
5: Runtime rt = Runtime.getRuntime();
6:
7: Process p = rt.exec("/bin/ls");
8:
9: // for reading the output of the program
10: // (out of the program is in for us)


Stacktrace:
org.apache.jasper.servlet.JspServletWrapper.handle JspException(JspServletWrapper.java:451)
org.apache.jasper.servlet.JspServletWrapper.servic e(JspServletWrapper.java:373)
org.apache.jasper.servlet.JspServlet.serviceJspFil e(JspServlet.java:329)
org.apache.jasper.servlet.JspServlet.service(JspSe rvlet.java:265)
javax.servlet.http.HttpServlet.service(HttpServlet .java:802)
sun.reflect.GeneratedMethodAccessor63.invoke(Unkno wn Source)
sun.reflect.DelegatingMethodAccessorImpl.invoke(De legatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:597)
org.apache.catalina.security.SecurityUtil$1.run(Se curityUtil.java:244)
java.security.AccessController.doPrivileged(Native Method)
javax.security.auth.Subject.doAsPrivileged(Subject .java:517)
org.apache.catalina.security.SecurityUtil.execute( SecurityUtil.java:276)
org.apache.catalina.security.SecurityUtil.doAsPriv ilege(SecurityUtil.java:162)

root cause

java.security.AccessControlException: access denied (java.io.FilePermission /bin/ls execute)
java.security.AccessControlContext.checkPermission (AccessControlContext.java:323)
java.security.AccessController.checkPermission(Acc essController.java:546)
java.lang.SecurityManager.checkPermission(Security Manager.java:532)
java.lang.SecurityManager.checkExec(SecurityManage r.java:779)
java.lang.ProcessBuilder.start(ProcessBuilder.java :447)
java.lang.Runtime.exec(Runtime.java:593)
java.lang.Runtime.exec(Runtime.java:431)
java.lang.Runtime.exec(Runtime.java:328)
org.apache.jsp.research.test_jsp._jspService(test_ jsp.java:49)
org.apache.jasper.runtime.HttpJspBase.service(Http JspBase.java:98)
javax.servlet.http.HttpServlet.service(HttpServlet .java:802)
org.apache.jasper.servlet.JspServletWrapper.servic e(JspServletWrapper.java:331)
org.apache.jasper.servlet.JspServlet.serviceJspFil e(JspServlet.java:329)
org.apache.jasper.servlet.JspServlet.service(JspSe rvlet.java:265)
javax.servlet.http.HttpServlet.service(HttpServlet .java:802)
sun.reflect.GeneratedMethodAccessor63.invoke(Unkno wn Source)
sun.reflect.DelegatingMethodAccessorImpl.invoke(De legatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:597)
org.apache.catalina.security.SecurityUtil$1.run(Se curityUtil.java:244)
java.security.AccessController.doPrivileged(Native Method)
javax.security.auth.Subject.doAsPrivileged(Subject .java:517)
org.apache.catalina.security.SecurityUtil.execute( SecurityUtil.java:276)
org.apache.catalina.security.SecurityUtil.doAsPriv ilege(SecurityUtil.java:162)





Seems like it has something to do with the permissions granted to the JVM? I have googled high and low and still haven't found a way to solve it. I've also tried adding
Expand|Select|Wrap|Line Numbers
  1. grant { permission java.io.FilePermission "file:/bin/ls", "execute"; }
to my java.policy file but to no avail. Could somebody point out how to solve this? Thanks!
Jan 13 '09 #1
Share this Question
Share on Google+
5 Replies


Expert 10K+
P: 11,448
If you were allowed to do what you want to do you can, say, execute the command "rm -rf /". You don't want to be able to do that and that's why the installed SecurityManager forbids you to do that. Be grateful.

kind regards,

Jos
Jan 13 '09 #2

P: 5
Thanks for your reply. That sounds very logical but I'm sure its still something that many people wish there was a way to do. OK, eventually my goal is to be able to execute a Perl script and grab its output. Is there any way I can make the security manager grant access to a particular script etc?
Jan 13 '09 #3

Expert 10K+
P: 11,448
@sayeo87
You have to (re)configure your (web)server and make it install another SecurityManager (or no manager at all) if possible. The manager itself is a breeze:

Expand|Select|Wrap|Line Numbers
  1. import java.security.Permission;
  2.  
  3. public class MySecurityManager extends SecurityManager {
  4.  
  5.     public MySecurityManager() { }
  6.  
  7.     /* allow everything: */
  8.     public void checkPermission(Permission perm) { }
  9.     public void checkPermission(Permission perm, Object context) { }
  10. }
  11.  
kind regards,

Jos
Jan 13 '09 #4

P: 5
OK, I'm using a Tomcat webserver and the security manager was not turned on. What else could be blocking access then?
Jan 14 '09 #5

Expert 10K+
P: 11,448
Well, something forbid you to do your ugly deed (check if there's a SecurityManager installed; I bet there is). What does your catalina.policy file say?

kind regards,

Jos
Jan 14 '09 #6

Post your reply

Sign in to post your reply or Sign up for a free account.