- Servlets are run by the container and ususally are owned by the user
"nobody" on a Unix machine.
- This means that you can only read file and write files to directories
that are accessible in this fashion by this user.
- If you do not specify the path where you want to open a file from,
it will usually be in some default path on the server that this user
owns. In our case, it is /usr/local/tomcat/logs. We do not want to write
files here, although there is currently nothing in the container specs
that prevent this possibility.
What does this mean for an Enterprise organization.
- they set aside some portion of the server filesystem for reading/writting
and make it accesible by this user so any servlet can read and write
into it.
- As developers trust each other this is no problem.
What this means for you for your account ...and what is best to make
your account the most secure we can.
- we are not so trusting on a machine shared by students (unfortunately)
- so, what you should do is the following:
- under your public_html directory make a comments directory, give
it your own unique name and make the mode 707. This means that any
other owner not in your student group can read and write to it including
the servlet you are making.
- Optional but, for extra security: make your public_html directory
filemod 701. This means that others can't read what is in it, nor
can any group.
Example:
Servlet
Writing a file called g.txt
Code
Example 2:
Servlet
Checking listing of directory wrote previous file into
Tip: Uses File class in java.io
import java.io.File;
File dir = new File("/etc");
String [] files = dir.list();
for ( int i=0; i < files.length; i++ ) { System.out.println(files[i]);
}
Example 3:
Servlet
Checking listing of directory wrote previous file into
Note: May not work due to security issues...restricted access to Runtime.
Tip: Use the Runtime class to invoke operating system commands
like "ls" on Unix and then retrieve the results through the
created
Process object (using the inputstream).
|