Hi all,
I know this is a quite common subject but I didn't find any ultimate answer. In a shared hosting environment, how can I prevent clientX to read files from clientY ?
- java.policy doesn't cover this. If I use grant codeBase 'file:/...' or 'http://', it doesn't work.
- can I override SecurityManager ? If so, how can I know which JSP/Servlets is trying to read a file ? ( inside the methgd checkRead I now the file... If I know the absolute path I can compare the location of the reader and the file being read )
Did anybody make a secure shared-hosting environment ????
I do not want to use a private JVM for each client, because it's too expensive.
Thanks in advance
Renato - Brazil.
Do You Yahoo!?
Yahoo! Auctions $2 Million Sweepstakes - Got something to sell?
