Date: Thu, 30 Jul 1998 12:40:07 -0400 (EDT)
From: Robert Watson <rwatson@tis.com>
To: java-security@java.sun.com
Subject: java 1.2beta4 -- -usepolicy removed?
Under Java 1.2beta3, the -usepolicy: option could be used to specify the
policy file to apply to code run from the command line. However, under
Java 1.2beta4, this option no longer appears to work for us (Solaris Sparc
version):
% java -usepolicy:/home/rwatson/.java.policy sampleprogram
Unrecognized option: -usepolicy:/home/rwatson/.java.policy
Coul not create the Java virtual machine.
% java -version
java version "1.2beta4"
Classic VM (build JDK-1.2beta4-K, green threads, sunwjit)
% uname -r
5.5.1
-usepolicy is the documented mechanism for defining the policy file from
the command line in the Java 1.2 Security book, and described in the
architecture documents.
Also, we have observed that java.security.PolicyFile is no longer the
policy file used, instead sun.security.provider.PolicyFile. The source
code for this class is also not available in the src.jar archive, unlike
the source for java.security.PolicyFile (now no longer used).
The ability to specify the policy on the command line seems extremely
useful; similarly, the accessibility of the PolicyFile implementation was
very helpful, as need to extend its behavior, as it looks like ACL and
principal-based authorization will not be available in 1.2 final release.
Are we doing something wrong here? Should -usepolicy be working? Where
can we find source code to the current PolicyFile implementation?
Thanks,
Robert Watson
TISLabs at Trusted Information Systems