What permissions must be granted for applets to write temporary files?

Question

We\'re developing an applet and need it to be able to read/write files in the user\'s temporary files directory (e.g. C:\\Documents and Settings\\USERNAME\\Local Settings\\T

Answer 1

Using the policy file is kinda ok for testing but you should not be relying on it for your finished code, especially when granting a file permission, it is dangerous.

To interact with files you need to do the following.

1. Sign your jar - tons of tutorials like this, you can just do a self signed one.

2. Add the file creation code to a privileged block here is an example

   File myFile = (File) AccessController.doPrivileged(new PrivilegedAction() {
   public Object run() 
   {
       return new File("C:\\MyFolder\\MyFile");
   }
   
   });
   

Answer 2

Got to that same point. To grant the permission as close as possible to what is needed minimally, you can grant a FilePermission on ${java.io.tmpdir}\- with actions read,write,delete. This worked for me.

Of course you have to replace the ${...} by the value of the system property java.io.tmpdir. This property is used by java.io.File.createTempFile.

Note: With someDir\- you grant recursive access to all subdirs of the someDir path. At this point you can use someDir\* but I haven't tested it.

If you use policy files to grant permissions there is a good chance that those files already support referencing system properties. But google that again to be sure. If you use a custom policy implementation you can easily create the permission java.io.FilePermission.