security - Keeping my Java program secure -


I have a Java project that uses a library, this library needs root privileges to perform certain tasks. That is what I need in my project. I should note that despite the Java-based project it is only for Linux.

There will be several tasks in this project which do not require root privileges, some of which have to negotiate with the Root privilege task and nothing else.

In addition, the project will execute programs such as user input data under root rights.

All this root activity has worried me about security. My system target machine user will have its own computer and there is no intention to run this system on some public terminal but security is still important because The unknown external Bluetooth device will be able to interact with this system.

So far, my security measures include a number of filtering user inputs, and with very careful attention to all the tasks that the external Bluetooth devices will cause the system to be executed, but I am unhappy with this I am

What will people recommend? One idea is to divide the system into two or three modules, which have a GUI and non-root backend, which include a root cover and other tools for the Bluukov root backend and potentially HCIC config.

I have seen some programs, for example Apache, who once run their privileges "drop down" how is it achieved and what is it effective?

Whether this setup system call (in libc), which you noted, effectively goes down to the privilege of the process. Can call, or

It works very well, even for Java programs, except that when you go from root to non-root, you will not be able to do any work. High privileges If required, then the technique can only be used when Apache does, as all privileged operations can be advanced.

Another possibility is to split your program into two processes - when launched, your program runs another program, runs as root, then the original root is non-root To devalue is to be done. Two processes can communicate on their stdin / stdout.


Comments

Post a Comment

Popular posts from this blog

sql - dynamically varied number of conditions in the 'where' statement using LINQ -

I am using my first project LINQ (in mvc), so maybe there's something very simple that I remember. However, a day of searching and experimenting does not work, so it works. I am trying to write a LINQ query (Linux to SQL) in which in many cases where the statement is different from an OR or an AND. We do not know how many conditions are going in the query till runtime. This search is for filter control, where the user can choose multiple criteria for filtering. Select from table where table.col = 1 or table.col = 2 or table.col = 7 .... 'Other number of conditions Before I just create the SQL query as a string, while looping over all the situations. However, it seems that there should be a good way to do this in LINQ. I tried to use Expression trees, but they had a second thought for this moment on my head, where the lambda function was to be executed inside the statement such as: values ​​for matchingRows = matchingRows for each value Where (function (row) row.c...
Read more

asp.net mvc - Dynamically Generated Ajax.BeginForm -

I have a problem with ASP.NET MVC Ajax forms. I generate many Ajax form in a table such as: & Lt; Input type = "submit" name = "activity" value = "add activity" / & gt; & Lt;%}% & gt; & Lt; / TD & gt; & Lt; / TR & gt; & Lt;%}% & gt; So far so good. When I post one of those forms, it gives a partial view in a div, and in this new partial view a new Ajax Beginnform (which is not in Genesis form) This second Ajax Beginnorf is exactly like the ones I got on the table, but when I post it, I do not get the "Ajax Post", but a normal post that sends me to a new page, I do not know whether the two Ajax forms What is the reason for the difference between, why is it the "dynamically generated" Ajax form behaves like a normal HTML form? By the way, I know that I can do it in different ways using javascript, but I would like to understand whether it can only be done using MVC helplars and Ajax lib...
Read more

Debug on symbian -

I am using trk for phone debug This works well for the Holorld project But when I start the project in phone debug mode 1) the load failed 2) TrkProtocolPlugin: to target the specified file Failure (please verify If any body understands what problem I am experiencing, then this problem helps me Pre-release If the application has the privileges assigned (with the appropriate certificate) itemprop = "text" > In your case, I will check: / li> If there is no conflict of application ID with any other application of device If there are problematic commands in the installation package (for example copy copy for non-accessible directories)
Read more