Enable the Java SecurityManager with AllPermission









up vote
10
down vote

favorite












I'm trying to get myself familiar with the SecurityManager but even this simple scenario fails. When I run the following from inside my IDE or from command line I get the following exception;



access denied ("java.util.PropertyPermission" "java.home" "read")


I thought I allowed everything with this code:




Policy.setPolicy(new Policy() 

 @Override
 public PermissionCollection getPermissions(CodeSource codesource) 
 Permissions perm = new Permissions();
 perm.add(new AllPermission());
 return perm;
 
);
System.setSecurityManager(new SecurityManager());
System.out.println(System.getProperty("java.home"));



Has this something to-do with the derived policy from the JVM? How can I cleanly setPolicy()?



The same misunderstanding seems to happen for the following code:



System.setSecurityManager(new SecurityManager());
final Permissions allPermission = new Permissions();
allPermission.add(new AllPermission());
AccessController.doPrivileged((PrivilegedAction<Void>) () -> 
 System.out.println(System.getProperty("java.home"));
 return null;
, new AccessControlContext(new ProtectionDomainnew ProtectionDomain(null, allPermission)));


Update: the second case is understandable as the provided permission is only a further restriction: (javadoc) The action is performed with the intersection of the permissions possessed by the caller's protection domain, and those possessed by the domains represented by the specified AccessControlContext






java java-security securitymanager







share|improve this question























  • I'm trying to increase security of my java application and for that I need to understand the mechanisms. Just enabling the SecurityManager is not possible as I need a few exceptions. I have to understand a bit more how this all works together as it is not a standard use case.
    – Karussell
    Nov 7 at 21:30











  • I'm unable to reproduce this (tried on JDK 8 and 11). I doubt the default policy implementation to be the cause. Something non-standard interposes between the security manager and your custom policy, effectively preventing or overriding queries to the latter; e.g. a custom class loader having assigned a static, unprivileged protection domain to your classes.
    – Uux
    Nov 7 at 21:46










  • @Uux Thanks a lot for taking the time. So in your case you can access the java.home property? If yes, can you gist your policy file?
    – Karussell
    Nov 8 at 9:18







  • 1




    @Karussell Yes, your snippet runs just fine (within a plain old main method, launched via plain old java -cp <classpath> <main-class>). I didn't modify my .policy file, because it ultimately doesn't matter -- once Policy.setPolicy has returned, it is your policy implementation that gets consulted, not the previous, default, file-backed one. You might want to try running with -Djava.security.debug="access,failure" and attach its output to your question.
    – Uux
    Nov 8 at 12:22











  • I now better understand what I was trying to achieve: I want a programmatic way to set the policy where I see that if I set no permision then the System.getProperty call fails and if I grant PropertyPermission or AllPermission then the call goes through. And indeed the 2nd part works now (no idea why) but the 1st part goes through without any permission. And when I do Policy.getPolicy exactly the opposite happens (both parts fail,)
    – Karussell
    Nov 9 at 10:16















up vote
10
down vote

favorite












I'm trying to get myself familiar with the SecurityManager but even this simple scenario fails. When I run the following from inside my IDE or from command line I get the following exception;



access denied ("java.util.PropertyPermission" "java.home" "read")


I thought I allowed everything with this code:




Policy.setPolicy(new Policy() 

 @Override
 public PermissionCollection getPermissions(CodeSource codesource) 
 Permissions perm = new Permissions();
 perm.add(new AllPermission());
 return perm;
 
);
System.setSecurityManager(new SecurityManager());
System.out.println(System.getProperty("java.home"));



Has this something to-do with the derived policy from the JVM? How can I cleanly setPolicy()?



The same misunderstanding seems to happen for the following code:



System.setSecurityManager(new SecurityManager());
final Permissions allPermission = new Permissions();
allPermission.add(new AllPermission());
AccessController.doPrivileged((PrivilegedAction<Void>) () -> 
 System.out.println(System.getProperty("java.home"));
 return null;
, new AccessControlContext(new ProtectionDomainnew ProtectionDomain(null, allPermission)));


Update: the second case is understandable as the provided permission is only a further restriction: (javadoc) The action is performed with the intersection of the permissions possessed by the caller's protection domain, and those possessed by the domains represented by the specified AccessControlContext






java java-security securitymanager







share|improve this question























  • I'm trying to increase security of my java application and for that I need to understand the mechanisms. Just enabling the SecurityManager is not possible as I need a few exceptions. I have to understand a bit more how this all works together as it is not a standard use case.
    – Karussell
    Nov 7 at 21:30











  • I'm unable to reproduce this (tried on JDK 8 and 11). I doubt the default policy implementation to be the cause. Something non-standard interposes between the security manager and your custom policy, effectively preventing or overriding queries to the latter; e.g. a custom class loader having assigned a static, unprivileged protection domain to your classes.
    – Uux
    Nov 7 at 21:46










  • @Uux Thanks a lot for taking the time. So in your case you can access the java.home property? If yes, can you gist your policy file?
    – Karussell
    Nov 8 at 9:18







  • 1




    @Karussell Yes, your snippet runs just fine (within a plain old main method, launched via plain old java -cp <classpath> <main-class>). I didn't modify my .policy file, because it ultimately doesn't matter -- once Policy.setPolicy has returned, it is your policy implementation that gets consulted, not the previous, default, file-backed one. You might want to try running with -Djava.security.debug="access,failure" and attach its output to your question.
    – Uux
    Nov 8 at 12:22











  • I now better understand what I was trying to achieve: I want a programmatic way to set the policy where I see that if I set no permision then the System.getProperty call fails and if I grant PropertyPermission or AllPermission then the call goes through. And indeed the 2nd part works now (no idea why) but the 1st part goes through without any permission. And when I do Policy.getPolicy exactly the opposite happens (both parts fail,)
    – Karussell
    Nov 9 at 10:16













up vote
10
down vote

favorite









up vote
10
down vote

favorite











I'm trying to get myself familiar with the SecurityManager but even this simple scenario fails. When I run the following from inside my IDE or from command line I get the following exception;



access denied ("java.util.PropertyPermission" "java.home" "read")


I thought I allowed everything with this code:




Policy.setPolicy(new Policy() 

 @Override
 public PermissionCollection getPermissions(CodeSource codesource) 
 Permissions perm = new Permissions();
 perm.add(new AllPermission());
 return perm;
 
);
System.setSecurityManager(new SecurityManager());
System.out.println(System.getProperty("java.home"));



Has this something to-do with the derived policy from the JVM? How can I cleanly setPolicy()?



The same misunderstanding seems to happen for the following code:



System.setSecurityManager(new SecurityManager());
final Permissions allPermission = new Permissions();
allPermission.add(new AllPermission());
AccessController.doPrivileged((PrivilegedAction<Void>) () -> 
 System.out.println(System.getProperty("java.home"));
 return null;
, new AccessControlContext(new ProtectionDomainnew ProtectionDomain(null, allPermission)));


Update: the second case is understandable as the provided permission is only a further restriction: (javadoc) The action is performed with the intersection of the permissions possessed by the caller's protection domain, and those possessed by the domains represented by the specified AccessControlContext






java java-security securitymanager







share|improve this question















I'm trying to get myself familiar with the SecurityManager but even this simple scenario fails. When I run the following from inside my IDE or from command line I get the following exception;



access denied ("java.util.PropertyPermission" "java.home" "read")


I thought I allowed everything with this code:




Policy.setPolicy(new Policy() 

 @Override
 public PermissionCollection getPermissions(CodeSource codesource) 
 Permissions perm = new Permissions();
 perm.add(new AllPermission());
 return perm;
 
);
System.setSecurityManager(new SecurityManager());
System.out.println(System.getProperty("java.home"));



Has this something to-do with the derived policy from the JVM? How can I cleanly setPolicy()?



The same misunderstanding seems to happen for the following code:



System.setSecurityManager(new SecurityManager());
final Permissions allPermission = new Permissions();
allPermission.add(new AllPermission());
AccessController.doPrivileged((PrivilegedAction<Void>) () -> 
 System.out.println(System.getProperty("java.home"));
 return null;
, new AccessControlContext(new ProtectionDomainnew ProtectionDomain(null, allPermission)));


Update: the second case is understandable as the provided permission is only a further restriction: (javadoc) The action is performed with the intersection of the permissions possessed by the caller's protection domain, and those possessed by the domains represented by the specified AccessControlContext






java java-security securitymanager




java java-security securitymanager






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Nov 20 at 14:49









buræquete

5,08141747




5,08141747










asked Nov 4 at 16:48









Karussell

11.8k1175160




11.8k1175160











  • I'm trying to increase security of my java application and for that I need to understand the mechanisms. Just enabling the SecurityManager is not possible as I need a few exceptions. I have to understand a bit more how this all works together as it is not a standard use case.
    – Karussell
    Nov 7 at 21:30











  • I'm unable to reproduce this (tried on JDK 8 and 11). I doubt the default policy implementation to be the cause. Something non-standard interposes between the security manager and your custom policy, effectively preventing or overriding queries to the latter; e.g. a custom class loader having assigned a static, unprivileged protection domain to your classes.
    – Uux
    Nov 7 at 21:46










  • @Uux Thanks a lot for taking the time. So in your case you can access the java.home property? If yes, can you gist your policy file?
    – Karussell
    Nov 8 at 9:18







  • 1




    @Karussell Yes, your snippet runs just fine (within a plain old main method, launched via plain old java -cp <classpath> <main-class>). I didn't modify my .policy file, because it ultimately doesn't matter -- once Policy.setPolicy has returned, it is your policy implementation that gets consulted, not the previous, default, file-backed one. You might want to try running with -Djava.security.debug="access,failure" and attach its output to your question.
    – Uux
    Nov 8 at 12:22











  • I now better understand what I was trying to achieve: I want a programmatic way to set the policy where I see that if I set no permision then the System.getProperty call fails and if I grant PropertyPermission or AllPermission then the call goes through. And indeed the 2nd part works now (no idea why) but the 1st part goes through without any permission. And when I do Policy.getPolicy exactly the opposite happens (both parts fail,)
    – Karussell
    Nov 9 at 10:16

















  • I'm trying to increase security of my java application and for that I need to understand the mechanisms. Just enabling the SecurityManager is not possible as I need a few exceptions. I have to understand a bit more how this all works together as it is not a standard use case.
    – Karussell
    Nov 7 at 21:30











  • I'm unable to reproduce this (tried on JDK 8 and 11). I doubt the default policy implementation to be the cause. Something non-standard interposes between the security manager and your custom policy, effectively preventing or overriding queries to the latter; e.g. a custom class loader having assigned a static, unprivileged protection domain to your classes.
    – Uux
    Nov 7 at 21:46










  • @Uux Thanks a lot for taking the time. So in your case you can access the java.home property? If yes, can you gist your policy file?
    – Karussell
    Nov 8 at 9:18







  • 1




    @Karussell Yes, your snippet runs just fine (within a plain old main method, launched via plain old java -cp <classpath> <main-class>). I didn't modify my .policy file, because it ultimately doesn't matter -- once Policy.setPolicy has returned, it is your policy implementation that gets consulted, not the previous, default, file-backed one. You might want to try running with -Djava.security.debug="access,failure" and attach its output to your question.
    – Uux
    Nov 8 at 12:22











  • I now better understand what I was trying to achieve: I want a programmatic way to set the policy where I see that if I set no permision then the System.getProperty call fails and if I grant PropertyPermission or AllPermission then the call goes through. And indeed the 2nd part works now (no idea why) but the 1st part goes through without any permission. And when I do Policy.getPolicy exactly the opposite happens (both parts fail,)
    – Karussell
    Nov 9 at 10:16
















I'm trying to increase security of my java application and for that I need to understand the mechanisms. Just enabling the SecurityManager is not possible as I need a few exceptions. I have to understand a bit more how this all works together as it is not a standard use case.
– Karussell
Nov 7 at 21:30





I'm trying to increase security of my java application and for that I need to understand the mechanisms. Just enabling the SecurityManager is not possible as I need a few exceptions. I have to understand a bit more how this all works together as it is not a standard use case.
– Karussell
Nov 7 at 21:30













I'm unable to reproduce this (tried on JDK 8 and 11). I doubt the default policy implementation to be the cause. Something non-standard interposes between the security manager and your custom policy, effectively preventing or overriding queries to the latter; e.g. a custom class loader having assigned a static, unprivileged protection domain to your classes.
– Uux
Nov 7 at 21:46




I'm unable to reproduce this (tried on JDK 8 and 11). I doubt the default policy implementation to be the cause. Something non-standard interposes between the security manager and your custom policy, effectively preventing or overriding queries to the latter; e.g. a custom class loader having assigned a static, unprivileged protection domain to your classes.
– Uux
Nov 7 at 21:46












@Uux Thanks a lot for taking the time. So in your case you can access the java.home property? If yes, can you gist your policy file?
– Karussell
Nov 8 at 9:18





@Uux Thanks a lot for taking the time. So in your case you can access the java.home property? If yes, can you gist your policy file?
– Karussell
Nov 8 at 9:18





1




1




@Karussell Yes, your snippet runs just fine (within a plain old main method, launched via plain old java -cp <classpath> <main-class>). I didn't modify my .policy file, because it ultimately doesn't matter -- once Policy.setPolicy has returned, it is your policy implementation that gets consulted, not the previous, default, file-backed one. You might want to try running with -Djava.security.debug="access,failure" and attach its output to your question.
– Uux
Nov 8 at 12:22





@Karussell Yes, your snippet runs just fine (within a plain old main method, launched via plain old java -cp <classpath> <main-class>). I didn't modify my .policy file, because it ultimately doesn't matter -- once Policy.setPolicy has returned, it is your policy implementation that gets consulted, not the previous, default, file-backed one. You might want to try running with -Djava.security.debug="access,failure" and attach its output to your question.
– Uux
Nov 8 at 12:22













I now better understand what I was trying to achieve: I want a programmatic way to set the policy where I see that if I set no permision then the System.getProperty call fails and if I grant PropertyPermission or AllPermission then the call goes through. And indeed the 2nd part works now (no idea why) but the 1st part goes through without any permission. And when I do Policy.getPolicy exactly the opposite happens (both parts fail,)
– Karussell
Nov 9 at 10:16





I now better understand what I was trying to achieve: I want a programmatic way to set the policy where I see that if I set no permision then the System.getProperty call fails and if I grant PropertyPermission or AllPermission then the call goes through. And indeed the 2nd part works now (no idea why) but the 1st part goes through without any permission. And when I do Policy.getPolicy exactly the opposite happens (both parts fail,)
– Karussell
Nov 9 at 10:16













2 Answers
2






active

oldest

votes

















up vote
10
down vote



accepted
+300










I was able to recreate your case with an extra Policy.getPolicy() before Policy.setPolicy(), the reason why it affects the behaviour is that with the get policy call, you trigger a default policy creation, and permissions from java.policy are set, but without a setSecurityManager() they are not activated, that is the reason when you do a custom AllPermission policy set, you still get a "java.util.PropertyPermission" "java.home" "read" issue, for many of such default policies are not overridden with the set policy. Very confusing structure indeed.



Policy.getPolicy();
Policy.setPolicy(policyWithAllPermission);
System.setSecurityManager(new SecurityManager());
System.out.println(System.getProperty("java.home"));
// results in access denied ("java.util.PropertyPermission" "java.home" "read")


But if you use the following custom policy;



Policy allPermissionPolicy = new Policy() 

 @Override
 public boolean implies(ProtectionDomain domain, Permission permission) 
 return true;
 
;


It essentially overrides all permission definitions, and lets all actions through, a possible fix for this confusion.






share|improve this answer


















  • 1




    Turns out you were intuitively on the right track from the very beginning (extra credit for having caught the OP's reference of calling getPolicy in addition to, and prior to, setPolicy, in the comments)! As for the "why, exactly" part of the story, see source of java.security.Policy#initPolicy.
    – Uux
    Nov 10 at 15:48

















up vote
1
down vote













In which context are you running your code above ?



from command line with a simple JVM or inside a webapp running on top of some JavaEE container? On which OS? with which JVM (Oracle, OpenJDK, IBM J9...) and which version?



If you're running from command line, have a look at the java.policy file located in your JVM installation path. Its content may narrow your grants and thus prevent you from accessing this particular system variable ?






share|improve this answer






















  • Have updated my question. So the policy file overwrites Policy.setPolicy? If this is really the case the javadocs for this method are more than misleading IMO.
    – Karussell
    Nov 7 at 10:46











Your Answer






StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");

StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);













draft saved

draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53143074%2fenable-the-java-securitymanager-with-allpermission%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown

























2 Answers
2






active

oldest

votes








2 Answers
2






active

oldest

votes









active

oldest

votes






active

oldest

votes








up vote
10
down vote



accepted
+300










I was able to recreate your case with an extra Policy.getPolicy() before Policy.setPolicy(), the reason why it affects the behaviour is that with the get policy call, you trigger a default policy creation, and permissions from java.policy are set, but without a setSecurityManager() they are not activated, that is the reason when you do a custom AllPermission policy set, you still get a "java.util.PropertyPermission" "java.home" "read" issue, for many of such default policies are not overridden with the set policy. Very confusing structure indeed.



Policy.getPolicy();
Policy.setPolicy(policyWithAllPermission);
System.setSecurityManager(new SecurityManager());
System.out.println(System.getProperty("java.home"));
// results in access denied ("java.util.PropertyPermission" "java.home" "read")


But if you use the following custom policy;



Policy allPermissionPolicy = new Policy() 

 @Override
 public boolean implies(ProtectionDomain domain, Permission permission) 
 return true;
 
;


It essentially overrides all permission definitions, and lets all actions through, a possible fix for this confusion.






share|improve this answer


















  • 1




    Turns out you were intuitively on the right track from the very beginning (extra credit for having caught the OP's reference of calling getPolicy in addition to, and prior to, setPolicy, in the comments)! As for the "why, exactly" part of the story, see source of java.security.Policy#initPolicy.
    – Uux
    Nov 10 at 15:48














up vote
10
down vote



accepted
+300










I was able to recreate your case with an extra Policy.getPolicy() before Policy.setPolicy(), the reason why it affects the behaviour is that with the get policy call, you trigger a default policy creation, and permissions from java.policy are set, but without a setSecurityManager() they are not activated, that is the reason when you do a custom AllPermission policy set, you still get a "java.util.PropertyPermission" "java.home" "read" issue, for many of such default policies are not overridden with the set policy. Very confusing structure indeed.



Policy.getPolicy();
Policy.setPolicy(policyWithAllPermission);
System.setSecurityManager(new SecurityManager());
System.out.println(System.getProperty("java.home"));
// results in access denied ("java.util.PropertyPermission" "java.home" "read")


But if you use the following custom policy;



Policy allPermissionPolicy = new Policy() 

 @Override
 public boolean implies(ProtectionDomain domain, Permission permission) 
 return true;
 
;


It essentially overrides all permission definitions, and lets all actions through, a possible fix for this confusion.






share|improve this answer


















  • 1




    Turns out you were intuitively on the right track from the very beginning (extra credit for having caught the OP's reference of calling getPolicy in addition to, and prior to, setPolicy, in the comments)! As for the "why, exactly" part of the story, see source of java.security.Policy#initPolicy.
    – Uux
    Nov 10 at 15:48












up vote
10
down vote



accepted
+300







up vote
10
down vote



accepted
+300




+300




I was able to recreate your case with an extra Policy.getPolicy() before Policy.setPolicy(), the reason why it affects the behaviour is that with the get policy call, you trigger a default policy creation, and permissions from java.policy are set, but without a setSecurityManager() they are not activated, that is the reason when you do a custom AllPermission policy set, you still get a "java.util.PropertyPermission" "java.home" "read" issue, for many of such default policies are not overridden with the set policy. Very confusing structure indeed.



Policy.getPolicy();
Policy.setPolicy(policyWithAllPermission);
System.setSecurityManager(new SecurityManager());
System.out.println(System.getProperty("java.home"));
// results in access denied ("java.util.PropertyPermission" "java.home" "read")


But if you use the following custom policy;



Policy allPermissionPolicy = new Policy() 

 @Override
 public boolean implies(ProtectionDomain domain, Permission permission) 
 return true;
 
;


It essentially overrides all permission definitions, and lets all actions through, a possible fix for this confusion.






share|improve this answer














I was able to recreate your case with an extra Policy.getPolicy() before Policy.setPolicy(), the reason why it affects the behaviour is that with the get policy call, you trigger a default policy creation, and permissions from java.policy are set, but without a setSecurityManager() they are not activated, that is the reason when you do a custom AllPermission policy set, you still get a "java.util.PropertyPermission" "java.home" "read" issue, for many of such default policies are not overridden with the set policy. Very confusing structure indeed.



Policy.getPolicy();
Policy.setPolicy(policyWithAllPermission);
System.setSecurityManager(new SecurityManager());
System.out.println(System.getProperty("java.home"));
// results in access denied ("java.util.PropertyPermission" "java.home" "read")


But if you use the following custom policy;



Policy allPermissionPolicy = new Policy() 

 @Override
 public boolean implies(ProtectionDomain domain, Permission permission) 
 return true;
 
;


It essentially overrides all permission definitions, and lets all actions through, a possible fix for this confusion.







share|improve this answer














share|improve this answer



share|improve this answer








edited Nov 15 at 14:30

























answered Nov 7 at 10:53









buræquete

5,08141747




5,08141747







  • 1




    Turns out you were intuitively on the right track from the very beginning (extra credit for having caught the OP's reference of calling getPolicy in addition to, and prior to, setPolicy, in the comments)! As for the "why, exactly" part of the story, see source of java.security.Policy#initPolicy.
    – Uux
    Nov 10 at 15:48












  • 1




    Turns out you were intuitively on the right track from the very beginning (extra credit for having caught the OP's reference of calling getPolicy in addition to, and prior to, setPolicy, in the comments)! As for the "why, exactly" part of the story, see source of java.security.Policy#initPolicy.
    – Uux
    Nov 10 at 15:48







1




1




Turns out you were intuitively on the right track from the very beginning (extra credit for having caught the OP's reference of calling getPolicy in addition to, and prior to, setPolicy, in the comments)! As for the "why, exactly" part of the story, see source of java.security.Policy#initPolicy.
– Uux
Nov 10 at 15:48




Turns out you were intuitively on the right track from the very beginning (extra credit for having caught the OP's reference of calling getPolicy in addition to, and prior to, setPolicy, in the comments)! As for the "why, exactly" part of the story, see source of java.security.Policy#initPolicy.
– Uux
Nov 10 at 15:48












up vote
1
down vote













In which context are you running your code above ?



from command line with a simple JVM or inside a webapp running on top of some JavaEE container? On which OS? with which JVM (Oracle, OpenJDK, IBM J9...) and which version?



If you're running from command line, have a look at the java.policy file located in your JVM installation path. Its content may narrow your grants and thus prevent you from accessing this particular system variable ?






share|improve this answer






















  • Have updated my question. So the policy file overwrites Policy.setPolicy? If this is really the case the javadocs for this method are more than misleading IMO.
    – Karussell
    Nov 7 at 10:46















up vote
1
down vote













In which context are you running your code above ?



from command line with a simple JVM or inside a webapp running on top of some JavaEE container? On which OS? with which JVM (Oracle, OpenJDK, IBM J9...) and which version?



If you're running from command line, have a look at the java.policy file located in your JVM installation path. Its content may narrow your grants and thus prevent you from accessing this particular system variable ?






share|improve this answer






















  • Have updated my question. So the policy file overwrites Policy.setPolicy? If this is really the case the javadocs for this method are more than misleading IMO.
    – Karussell
    Nov 7 at 10:46













up vote
1
down vote










up vote
1
down vote









In which context are you running your code above ?



from command line with a simple JVM or inside a webapp running on top of some JavaEE container? On which OS? with which JVM (Oracle, OpenJDK, IBM J9...) and which version?



If you're running from command line, have a look at the java.policy file located in your JVM installation path. Its content may narrow your grants and thus prevent you from accessing this particular system variable ?






share|improve this answer














In which context are you running your code above ?



from command line with a simple JVM or inside a webapp running on top of some JavaEE container? On which OS? with which JVM (Oracle, OpenJDK, IBM J9...) and which version?



If you're running from command line, have a look at the java.policy file located in your JVM installation path. Its content may narrow your grants and thus prevent you from accessing this particular system variable ?







share|improve this answer














share|improve this answer



share|improve this answer








edited Nov 30 at 7:02









buræquete

5,08141747




5,08141747










answered Nov 7 at 10:41









Michael Zilbermann

1,204913




1,204913











  • Have updated my question. So the policy file overwrites Policy.setPolicy? If this is really the case the javadocs for this method are more than misleading IMO.
    – Karussell
    Nov 7 at 10:46

















  • Have updated my question. So the policy file overwrites Policy.setPolicy? If this is really the case the javadocs for this method are more than misleading IMO.
    – Karussell
    Nov 7 at 10:46
















Have updated my question. So the policy file overwrites Policy.setPolicy? If this is really the case the javadocs for this method are more than misleading IMO.
– Karussell
Nov 7 at 10:46





Have updated my question. So the policy file overwrites Policy.setPolicy? If this is really the case the javadocs for this method are more than misleading IMO.
– Karussell
Nov 7 at 10:46


















draft saved

draft discarded
















































Thanks for contributing an answer to Stack Overflow!


  • Please be sure to answer the question. Provide details and share your research!

But avoid


  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.





Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


Please pay close attention to the following guidance:


  • Please be sure to answer the question. Provide details and share your research!

But avoid


  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53143074%2fenable-the-java-securitymanager-with-allpermission%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

How to how show current date and time by default on contact form 7 in WordPress without taking input from user in datetimepicker

Image
0 I have a "Ask for demo" form which has two options, 1. Contact me now and 2. Schedule a demo. If user selects option 1 then current date and time should by displayed on form and if he selects option 2 then A calendar is shown for taking user input. My problem is getting current date and time by default on form. Please help. TIA contact-form-7 share | improve this question asked Nov 12 '18 at 9:01 abhi25 abhi25 14 5 add a comment  |  0 I have a "Ask for demo" form which has two options, 1. Contact me now and 2. Schedule a demo. If user selects option 1 then current date and time should by displayed on form and if he selects option 2 then A calendar is shown for taking user input. My problem is getting current date and time by default on form. Please help. TIA contact-form-7 share | improve this question asked Nov 12 '18 at 9:01 abhi25 abhi25 14 5 add a commen
Read more

Syphilis

Image
Klassifikation nach ICD-10 A50 Syphilis connata A51 Frühsyphilis A52 Spätsyphilis A53 Sonstige und nicht näher bezeichnete Syphilis ICD-10 online (WHO-Version 2019) Syphilis , [1] auch Lues (venerea) , harter Schanker oder Franzosenkrankheit (maladie française) genannt, ist eine chronische Infektionskrankheit, die zur Gruppe der sexuell übertragbaren Erkrankungen gehört. Der Erreger der Syphilis ist das Bakterium Treponema pallidum ssp. pallidum . Die Syphilis wird hauptsächlich bei sexuellen Handlungen durch Schleimhautkontakt und ausschließlich von Mensch zu Mensch übertragen. Während der Schwangerschaft und bei der Geburt kann eine erkrankte Mutter ihr Kind infizieren ( Syphilis connata ). Das Erscheinungsbild der Krankheit ist vielfältig. Typisch ist ein Beginn mit schmerzlosen Schleimhautgeschwüren und Lymphknotenschwellungen. Bei einem Teil der Infizierten kommt es zu einem chronischen Verlauf, der durch vielfältigen Haut- und Organbefall gekennzeichnet ist. Im Endstadium kom
Read more

Darth Vader #20

Image
Wiki Characters Creators Teams Volumes Issues Publishers Locations Concepts Things Story Arcs Movies Series Episodes New Comics Forums Gen. Discussion Bug Reporting Delete/Combine Pages Artist Show-Off Off-Topic Contests Battles Fan-Fic RPG Comic Book Preview API Developers Editing & Tools Podcast Quests Community Top Users Activity Feed User Lists Community Promos Archives News Reviews Videos Podcasts Previews Login / Sign Up All Wiki     Arcs     Characters     Companies     Concepts     Issues     Locations     Movies     People     Teams     Things     Volumes     Series     Episodes Editorial     Videos     Articles     Reviews     Features Community     Users Wiki Characters Creators Teams Volumes Issues Publishers Locations Concepts Things Story Arcs Movies Series Episodes New Comics Forums Gen. Discussion Bug Reporting Delete/Combine Pages Artist Show-Off Off-Topic Contests Battles Fan-Fic RPG Comic Book Preview API Developers Editing & Tools Podcast Quests Com
Read more