At first, sorry for my bad english. I'm from Germany. Currently i am programing an Java application that executes applications remotely. Now i want to restrict the file access for each process that every process can only read and write files in his specific working Directory and files in directorys below but not files in directorys above. This program should be work on windows and on linux. My First idea was to create for every process an new user with the specific Access permissions but i don't know how i can do this in Java and this soulution sounds for me a little bit dirty.
Asked
Active
Viewed 396 times
1
-
Sounds interesting, but it looks to me that this only works on linux – Dominik Viererbe Mar 26 '16 at 11:21
-
Create ACL for processed based on a role. Then assign a role to user. Then you have a simple function to check the user has the role to get permissions. – Roman C Mar 26 '16 at 11:22
-
1Take a look at [Limiting file access in Java](http://stackoverflow.com/questions/5526008/limiting-file-access-in-java) – Evgeny Mar 26 '16 at 11:23
1 Answers
0
At that time, when I asked this question, I basically wanted to only automatically start processes and additionally isolate the processes from the rest of the system.
This Problem becomes now realy simple to solve through Docker and Kubernetes.
You can run:
docker run -v <Host-Directory>:<Container-Directory> -d --rm dockerimage
Through the -v <Host-Directory>:<Container-Directory> switch you can mount a specific directory to an directory in the docker container. You can read more about that in the Docker Documentation:
https://docs.docker.com/engine/reference/commandline/run/#mount-volume--v---read-only
Dominik Viererbe
- 387
- 2
- 12