Skip to main content

Need help with a .perm file (debugging, creating, etc)

4 replies [Last post]
david_crandall
Offline
Joined: 2010-01-05
Points: 0

I need some help troubleshooting what I do and don't have, with this .perm file.

Ok, here's what I have:

I'm trying to open a file, write to it, and close it. It throws:
access denied (org.cablelabs.impl.security.PersistentStoragePermission *)

the filename is: [opening local storage]/1/6021/whatever.txt
Which I get from amalgamating the persistent root properties, etc from dvb.persistent.root, org.id, app.id

What I think is appropriate from my hostapp.properties file
app.8.application_identifier=0x000000016021

Just for the sake of this application, I'm using an organization id of '1', and an app ID of '6021' (although I'm not married to either of these numbers).

My perm file is:
<?xml version="1.0" ?>

whatever.txt
123456
3

...and finally, the basic code:

try
{
ObjectInputStream ois = new ObjectInputStream(new FileInputStream(
new File(pathname)));
ois.close();
}
catch (FileNotFoundException e)
{
// This will happen virtually all the time this exists without a file.
System.out.println("Simple filenotfound exception");
e.printStackTrace();
}
catch (IOException e)
{
System.out.println("This is probably bad and should be investigated");
e.printStackTrace();
}
catch (Exception e)
{
System.out.println("This should never happen, and if it does, LOOK");
e.printStackTrace();
}

So, I'm curious if I even have it titled right, is it even getting the perm file... basically what I do have and what I don't, with this.

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
david_crandall
Offline
Joined: 2010-01-05
Points: 0

Ok, so, it would help to let the users know this is with RI stack 1.1.3

In 1.1.4 AppClassLoader.java has a cast to (PolicyImpl) on line 162 that would indicate why this functionality in 1.1.3 might be a little...non-functional.

Because basically in troubleshooting this, I didn't see any xml parsing, any anything happening with even so much as looking for a .perm file, ever. I went so far as to stub-in out-of-bounds exceptions just to make sure I was seeing that yes, it really wasn't getting called.

(FYI: My ID was within the 0x4000-0x7fff, so it should have been being checked as unsigned (we currently have the 'nerfed' noauth suggested in our mpeenv.ini).)

Which made sense, because in AppClassLoader.java in 1.1.3, it was calling the JDK's version of Policy and not "PolicyImpl". The only reason a perm file ever worked in versions previous to 1.1.3 was most likely the changes in SecurityManagerImpl.

david_crandall
Offline
Joined: 2010-01-05
Points: 0

Answered as 'fixed in 1.1.4'

greg80303
Offline
Joined: 2008-07-03
Points: 0

Your "permissionrequestfile" element looks properly formatted according to the appID/orgID that you have indicated in your hostapp.properties file. A couple of questions:

1) Is the perm file itself named properly and located in the correct location in the filesystem? The permfile must be named "ocap..perm", where is the name of the initial Xlet class for the app. For example, if your initial Xlet class is org.myorg.ocap.MyOcapXlet, the perm file must be named ocap.MyOcapXlet.perm. Additionally, the perm file must be located in the same directory as the initial xlet .class file.

2) Is there a reason that you are trying to use persistentfilecredential instead of just permission? An application is granted basic access to persistent storage by just including the element in its permission request file

G

david_crandall
Offline
Joined: 2010-01-05
Points: 0

Wow, thank you for the reply!

I basically do a lot of R&D in my engineering... rip and duplicate... and that's how most of what I know in that perm file to exist. ;)

Ok, here's what else I know: I stubbed in a bunch of obvious print statements into what I believe is the appropriate xml parsing (I see no other place things like 'certchainfile' is handled within the stack)...and I'm not sure it's ever parsing the file. I don't see any of the appropriate print statements at all, getting printed-out... and I know I don't have my standard-out messed-up because it's catching other ones I just put in as a sanity check for standard-out.

The name of the app is "FileTester.class" and I have ocap.FileTester.perm as the appropriate permissions file.