Reputation: 8870
Running Java Security Manager without the default java.policy file
I don't want to modify anything in my java home directory, however, I am afraid that sometimes my default java.policy file may be too permissive. Is there a way for me to use a specified policy file as the only policy file when I run java with the -Djava.security.manager option?
If I add a -Djava.security.policy=myPolicy.policy option, it uses my policy file in addition to the default policy file -- which is bad because it looks like all permissions granted in the default policy file is still granted.
Upvotes: 8
Views: 7455
Answers (1)
Reputation: 16035
A Common Mistake with Java SecurityManager:
To run with SecurityManager and default Java security policy, which is $JAVA_HOME/jre/lib/security/java.policy:
java -Djava.security.manager MainTo run with SecurityManager and only your custom security policy (ignoring default java security policy):
java -Djava.security.manager -Djava.security.policy==security.policy MainTo run with SecurityManager and default java security policy first, then your custom security policy:
java -Djava.security.manager -Djava.security.policy=security.policy MainIf you don't want a SecurityManager, then simply leave out java.security.policy to avoid any confusion.
Upvotes: 16
Related Questions
- Update Java security policy at runtime?
- JVM Security Manager File permissions - custom policy
- Is it possible to write an exclusive Java Security policy for the default Security Manager?
- Java default SecurityManager policy
- Would a blank Java security policy file be the most restrictive?
- Load your own SecurityManager or disable existing
- Security manager java stop override
- Is possible Run Java Applet without edit java.policy file?
- Application Wrapper using Java
- Java SecurityManager - setting custom policy file