All applications can listen on sockets on the localhost for ports 1024
and up. In addition I gave all files on my machine to connect and
resolv on localhost. If I try to do a Naming.lookup() from another
machine it will succeed, even though I didn't give rmiregistry accept
permission for anything. Calls to my rmi program fail from another
machine. Calls from the localhost succeed though.
My questions are:
1) How come rmiregistry works when I didn't give it accept permission
for *any* machine, not even the localhost?
2) How come my rmi program will accept calls from the localhost when I
didn't give it permission to accept from any machine? And if it will
accept from the localhost, why not from other hosts?
here is my java.policy:
/* AUTOMATICALLY GENERATED ON Thu Dec 09 21:47:50 EST 1999*/
/* DO NOT EDIT */
grant codeBase "file:${java.home}/lib/ext/*" {
};
grant {
permission java.lang.RuntimePermission "stopThread";
permission java.net.SocketPermission "localhost:1024-", "listen";
permission java.util.PropertyPermission "java.version", "read";
permission java.util.PropertyPermission "java.vendor", "read";
permission java.util.PropertyPermission "java.vendor.url", "read";
permission java.util.PropertyPermission "java.class.version", "read";
permission java.util.PropertyPermission "os.name", "read";
permission java.util.PropertyPermission "os.version", "read";
permission java.util.PropertyPermission "os.arch", "read";
permission java.util.PropertyPermission "file.separator", "read";
permission java.util.PropertyPermission "path.separator", "read";
permission java.util.PropertyPermission "line.separator", "read";
permission java.util.PropertyPermission "java.specification.version",
"read";
permission java.util.PropertyPermission "java.specification.vendor",
"read";
permission java.util.PropertyPermission "java.specification.name",
"read";
permission java.util.PropertyPermission
"java.vm.specification.version", "read";
permission java.util.PropertyPermission
"java.vm.specification.vendor", "read";
permission java.util.PropertyPermission "java.vm.specification.name",
"read";
permission java.util.PropertyPermission "java.vm.version", "read";
permission java.util.PropertyPermission "java.vm.vendor", "read";
permission java.util.PropertyPermission "java.vm.name", "read";
};
grant codeBase "file://-" {
permission java.io.FilePermission "<<ALL FILES>>", "read, write,
delete, execute";
permission java.net.SocketPermission "localhost", "connect, resolve";
};
----------------------------------------------------------------------
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
