all-permissions/

Similar Messages

• System Folder errors after I changed all permissions on HD to read & write

  Hi,
  Two things may have caused probs on my new 2010 iMac (Snow Leopard), and Applecare is shut so I would really appreciate some help as I have urgent work.
  1) INCORRECT PERMISSIONS
  I have been stupid. I clicked on Macintosh HD and changed all permissions to read & write because I wanted to be sure I could open and edit all documents on other computers.
  I ran Disk Utility Repair Permissions from the install disc, but I am still getting system error messages, and my HP printer won't work.
  The first message, in Repair Permissions, said: Warning: SUID file System/Library/Cores has been modified and will not be repaired. I have read a support doc on this which says no need to worry but I don't like it and would like to fix this.
  More importantly, my HP printer won't work, displays error beside the document in print dialogue box.
  Deleting the printer and readding it didn't work, so I downloaded new drivers and tried to install them, which is when I got the second system error message: System extension System/Library/Extensions/BJUSBLoad.kext was installed improperly and cannot be used. Please try reinstalling it or contact product's vendor for an update.
  I checked the permissions on the file and they were still wrong despite Repair Permissions, allowing everyone to read & write. So I have now clicked on the entire System folder and changed the permissions to: System read & write, admin read only, everyone read only.
  Will this fix it or do I need to do something else, such as check ownership, to make sure all permissions on the computer are now correct?
  2) MEMORY STICK SHUT DOWN MY IMAC
  Additionally (though I don't think this had anything to do with my problems), I inserted a Sandisk USB memory stick the other day and it immediately shut down the computer. When I inserted it into my Macbook it initially rejected it and gave me a message saying the device wanted too much power so it had ejected it to prevent damage to my computer. When I tried again it was OK. I totally reformatted the stick in case there was something harmful on it, but should I now bin the stick as faulty? Scared to use it again.
  3) IS IT BEST TO REINSTALL ENTIRE SOFTWARE?
  If I do a reinstall of all the software from the install disc, will it wipe out all my data, such as Mail, documents, bookmarks and other apps?
  I would back-up, but if I try and back up files on my external drive it will automatically do a Time Machine back-up and I don't want to do that in case it backs-up all the corrupted files. Otherwise, I wouldn't mind starting again just to be sure all is well.
  Expert advice would be very much appreciated.
  Thank you
  Sarah

  Oh, silly really. I was in a hurry and working on docs that I needed to take to the office and open on another computer there.
  But when I checked the permissions on the doc it said I could read & write but everyone else was read only.
  I thought if I opened it on another machine I'd be stuck with read only access and not be able to work on there. I think I couldn't change it, so I thought to avoid any future problems like that I would change everything on machine!
  Yikes. Won't do that again
  Sarah

• Hello there - I am sharing an iPhoto library across two accounts on the same computer - it works fine EXCEPT for Quicktime movies - they play on one account and claim I don't have the rights on the other - all permissions are on and ok?

  Hello there - I am sharing an iPhoto library across two accounts on the same computer - it works fine EXCEPT for Quicktime movies - they play on one account and claim I don't have the rights on the other - all permissions are on and ok?

  It should be in the Users/ Shared folder.
  Back Up and try rebuild the library: hold down the command and option (or alt) keys while launching iPhoto. Use the resulting dialogue to rebuild. Note the option to check and repair Library Permissions
  Regards
  TD

• How to grant "view all" permissions?

  I have an Oracle Portal 10.1.2.2 instance w/ several thousand pages and several hundred groups.
  How may I grant a group permission to view all portal pages w/o explicitly assigning the group permissions to each page nor granting them DBA or other elevated rights?
  My specific scenario is granting executive leadership "view all" permissions w/o editing several thousand pages.
  TIA

  Hi
  You can define permissions on the pagegroup level so that the users you want will be able to view all the pages of that pagegroup.
  You could also play with permissions inheritance but this would be done manually for each page levels if not done yet.
  Arnaud

• JNLP FileOpenService warning despite signed applet w/ "all-permissions"

  Hi all,
  We are deploying an applet using java 7u21. The applet is signed and the jnlp file contains a security section requesting "all-permissions". Even so, every time that we run the applet a pop-up appears with "The application has requested read/write access to a file on the machine. [...]"
  My understanding is that this warning should no longer display... Is that true? The only thing I have found related to this is http://docs.oracle.com/javase/7/docs/technotes/guides/javaws/developersguide/faq.html#s407, but that seems to indicate I should only see this dialog if I lack file access permissions. (I think I have those via trusted cert + jnlp all-permissions setting).
  Thanks for the help,
  Buzzy
  Relevant text from the link:
  5074526: ExtenededService file APIs show security dialog even if app is signed.
  In version 1.5.0.
  When using the FileOpen Service, the security dialog will only show if the application does not
  have file access permissions. This is not true with the new ExtendedService OpenFile, and
  OpenFiles methods, the security dialog shows anyway.

  I am having the same problem. We are using JRE 1.4.1_05. When a certain EJB is called I get:
  java.security.AccessControlException: access denied (java.net.SocketPermission XXX.XX.XX.XXX:7001, connect,resolve)
  at java.security.AccessControlContext.checkPermission (Unknown Source)...
  I have tried setting the following permission in my jre's /lib/security/java.policy file:
  grant{
  permission java.net.SocketPermission "host:port", "accept,connect";
  After setting this permission the EJB that caused this error seems to crash. Is this the correct permission to set for the above mentioned exception? Is there any other alternative to uninstalling the security manager?

• All-permissions not granted to JMS Threads

  Hello,
  I have a client/server app that I am deploying through webstart with All-Permissions requested.
  The client subscribes to JMS topics on a weblogic 6.1 server and hence has both the application jar and the weblogic.jar in the jnlp resources section (both signed by the same certificate).
  When the app runs, most things run OK, and have full access to the system, but when a JMS message is received a security exception is thrown (SerializablePermission / enableSubstitution). I put in some debug and sure enough the AllPermissions permission is granted for the main app, but throws an exception from within the onMessage callback.
  I am guessing that this has something to do with the fact that the onMessage callback is called by a daemon thread that is constructed from within the weblogic.jar (one of the the kernel ExecuteThreads), and that this thread is for some reason being assigned different permissions.
  Has anyone ever come across this before, and do they know of any solutions or workarounds? Any help would be greatly appreciated as this is pretty urgent.
  Thanks in advance!

  The all-permissions is granted only to the code loaded by the JNLPClassLoader.
  In this case, is another ClassLoader (an RMIClassLoader?) used to load code invoked by RMI calls ?
  /Dietz

• Create New Test Database with all permissions

  Hi all,
  We have a Oracle9i database running on Linux platform . Currently 40 users working on it. Now i want to create another test database with giving all permissions to it. Give your valuable suggestions.
  Regards,
  Sudarshanam

  The answer to your question as I understand now would be,
  grant DBA to <user>;
  But I think you mean something else. Please be more clear

• Is it possible to give everyone all permissions to all files?

  I absolutely hate the fact that my Mac keeps nagging me for my password all the time because it needs permission to a file, and even worse with Apache which doesn't ask, it just fails with no error. I have never had an issue with having all permissions in Windows, is this possible on the Mac?

  You must be joking (and trying to mess with me) ... You don't really have a Mac, do you? Most Mac OS X software is installed without affecting the system. You often drag and drop the application to the Applications folder. There is no funky "registry." There is no add/remove programs control panel. Mac OS X will pop up a warning about running program ABC for the first time; that's just an "OK" there, no user name and password. Applications, user data/settings, and the system are intentionally kept separate. Only software like system updates and security updates makes changes to the system, and that's just a small percentage of software most people install.
  Dealing with permissions in Mac OS X is far easier and more pleasant than dealing with anti-malware programs in Windows, and the warnings that pop up if you don't have them installed (and paid for).

• Warning popup for jnlp and all-permissions security, recent java update

  We have a java program running with java webstart. The jnlp includes the all-permissions security level.
  All jar files have a manifest with Permissions: all-permissions and all jar files are signed with our trusted certificate.
  When the program is started we get a popup saying something like:
  "This application will run with unrestricted access which may put your computer and personal information at risk. Run this application only if you trust the locations and publisher above."
  This popup is coming _everytime_ the program is started... which is very annoying for the user and causes support issues for the organization.
  This has started to happen in the recent java update. First the program did not start at all until we included the Permission attribute in every jar's manifest.
  How can we get rid of this popup?
  Best regards,
  Emil

  If we add the following to the manifest of the jar files:
  Permissions: all-permission
  Application-Library-Allowable-Codebase: *
  Caller-Allowable-Codebase: *
  It seems like the "checkbox" to only show the warning message once is back again (without those two last lines above in the manifest there is no checkbox at all).

• Resetting all permissions

  Some how I have managed to lock myself out of everything but my startup hard drive. All external and internal drives have lock icons on them. I would like regain access to my drives and set up the permissions so that I never have to worry about permissions to get access to my other drives or networked computers.
  I need to keep it simple.
  Any thoughts would be greatly appreciated.

  I am not sure if you already tried to do this, but if you go to the drive on the desktop, and go Apple+I (Get Info) then go down to Sharing and Permissions, you can see what permissions are designated for that drive. If you are not listed, add yourself to the list as read and write. If it is greyed out, click the lock button. Also, go to Disk Utility (Applications > Utilties > Disk Utility) and repair all permissions. This may help, it may not.

• AccessControlException even with all-permissions

  Hi, I have a webstart app that I am trying to get working. My problem is this: I give the app "all-permissions" in the jnlp file, and webstart asks me if I want to give unrestricted access to the app, I click "Start", and then I get an AccessControlException.
  Here is my jnlp file:
  <?xml version="1.0"?>
  <jnlp codebase="$$codebase" href="launchDev.jnlp">
  <information>
  <title>My Dashboard</title>
  <vendor>My Company</vendor>
  <description>A Dashboard</description>
  </information>
  <security>
  <all-permissions/>
  </security>
  <resources>
  <j2se version="1.4"/>
  <jar href="dashboard-signed.jar"/>
  <jar href="tradetone-signed.jar"/>
  <jar href="log4j-signed.jar"/>
  </resources>
  <resources os="Windows\ NT">
  <jar href="tibrvj-66-signed.jar"/>
  </resources>
  <resources os="Windows\ XP Windows\ 2000">
  <jar href="tibrvj-69-signed.jar"/>
  </resources>
  <application-desc main-class="com.mycompany.dashboard.Dashboard">
  <argument>Dev</argument>
  <argument>$$context</argument>
  </application-desc>
  </jnlp>
  Here is the code I'm trying to run:
  URL testUrl = Thread.currentThread().getContextClassLoader().getResource("myfile.txt");
  And here is the exception I get:
  com.mycompany.dashboard.DashboardException: java.security.AccessControlException: access denied (java.lang.RuntimePermission getClassLoader)
       at com.mycompany.dashmodules.servicelauncher.ServiceLauncher.init(ServiceLauncher.java:119)
       at com.mycompany.dashboard.Dashboard.<init>(Dashboard.java:119)
       at com.mycompany.dashboard.Dashboard.main(Dashboard.java:264)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:324)
       at com.sun.javaws.Launcher.executeApplication(Unknown Source)
       at com.sun.javaws.Launcher.executeMainClass(Unknown Source)
       at com.sun.javaws.Launcher.continueLaunch(Unknown Source)
       at com.sun.javaws.Launcher.handleApplicationDesc(Unknown Source)
       at com.sun.javaws.Launcher.handleLaunchFile(Unknown Source)
       at com.sun.javaws.Launcher.run(Unknown Source)
       at java.lang.Thread.run(Thread.java:536)
  Caused by: java.security.AccessControlException: access denied (java.lang.RuntimePermission getClassLoader)
       at java.security.AccessControlContext.checkPermission(AccessControlContext.java:270)
       at java.security.AccessController.checkPermission(AccessController.java:401)
       at java.lang.SecurityManager.checkPermission(SecurityManager.java:542)
       at java.lang.Thread.getContextClassLoader(Thread.java:1189)
       at com.mycompany.dashmodules.servicelauncher.ServiceLauncher.init(ServiceLauncher.java:106)
       ... 13 more
  Does anyone have any idea what is going on? I also get an AccessControlAcception with the following line:
  System.getProperty("java.util.prefs.PreferencesFactory");
  Thanks!
  Jason

  I figured it out. For some reason, the classes I loaded with my own URLClassLoader didn't have the same permissions as the classes loaded directly through WebStart. What I did was to include my own policy file in a jar with webstart, which granted java.security.AllPermissions to everything, i.e. all code bases. Then in my Main Class, I did:
  URL policyUrl = Thread.currentThread().getContextClassLoader().getResource("my.java.policy");
  Policy.getPolicy().refresh();
  This fixed it. I am guessing that when you give "all-permissions" to your webstart app, it assigns java.security.AllPermissions to code loaded from the webstart codebase, but not to code from other codebases. Changing the Policy widened this permission to everything.
  Another alternative would have been to write my own Policy subclass which permitted everything and then call Policy.setPolicy() with it.
  Jason

• Webstart All Permissions

  Hello,
  I am on a nerwork behind a fiewall. I need to do one of the following:
  1. Give all permissions to a Jar file without signing it with a certificate
  OR
  2. Sign it with a test certificate, but not display the security screen for the first time the application is used.
  Is this possible in any way?
  Thank you

  I'm afraid not :(

• Terminal Command to Remove All Permissions on a Drive (Please help)

  Sorry, I'm new and was wondering what the Terminal command is to set all permissions to Root as the owner and propagate those permissions to every folder and file on a drive. Any help would be great appreciated.

  Long story. Basically I have files that are tagged with unknown user info. What I'm trying to do is remove the info and propagate that info the the file within the folder. I've done this before, but I can't remember the command.

• Help to give All Permissions to a JC App using the multi-jnlp method

  After gleaning what I could about providing All Permissions, it seems the multi-jnlp method is the best. I can't seem to get the access to work right though. There are three .jar files for my app (all created with Apple's Web Objects). One is from the main app. The other two are from frameworks. Below are the two .jnlp files that I've created to provide All Permissions for them. When I launch, I don't get any type of a security dialog. Any file system actions throw the access error still.
  If someone could help me configure these right to get all permissions working, I'd be thankful enough to send you a CD from my catalog. This problem has been plaguing the app for some time. It's preventing me from doing some really cool stuff.
  thanks,
  Jaime
  -- JavaClient.jnlp --
  <?xml version="1.0" encoding="UTF-8"?>
  <jnlp href="http://apollo.sensoryresearch.com:15000/cgi-bin/WebObjects/ThoughtConduit.woa/eowebstart/com.webobjects.eodistribution._EOWebStartAction/webStart/JavaClient.jnlp" spec="1.0+" codebase="http://apollo.sensoryresearch.com:15000/cgi-bin/WebObjects/ThoughtConduit.woa/wr">
  <information>
  <title>Work!</title>
  <vendor>Sensory Research</vendor>
  <homepage href="http://www.sensoryresearch.com" />
  <offline-allowed />
  </information>
  <resources>
  <j2se version="1.4+" />
       <jar download="eager" href="wojavaclient.jar"/>
       <extension name="ThoughtConduit" href="ThoughtConduit.jnlp"/>
  </resources>
  <application-desc main-class="com.webobjects.eoapplication.client.EOClientApplicationSupport">
       <argument>-applicationURL</argument>
  <argument>http://apollo.sensoryresearch.com:15000/cgi-bin/WebObjects/ThoughtConduit.woa</argument>
  <argument>-page</argument>
  <argument>JavaClient</argument>
  <argument>-suppressClassLoading</argument>
  <argument>true</argument>
  </application-desc>
  </jnlp>
  -- ThoughtConduit.jnlp --
  <?xml version="1.0" encoding="utf-8"?>
  <jnlp href="http://apollo.sensoryresearch.com:15000/cgi-bin/WebObjects/ThoughtConduit.woa/eowebstart/com.webobjects.eodistribution._EOWebStartAction/webStart/JavaClient.jnlp" spec="1.0+" codebase="http://apollo.sensoryresearch.com:15000/cgi-bin/WebObjects/ThoughtConduit.woa/wr">
  <information>
  <title>ThoughtConduit</title>
  <vendor>Sensory Research</vendor>
       <homepage href="http://apollo.sensoryresearch.com:15000/cgi-bin/WebObjects/ThoughtConduit.woa"/>
  <description>Description</description>
  </information>
  <resources>
       <j2se version="1.4+"/>
  <jar download="eager" href="ThoughtConduitAuthentication.jar"/>
  <jar download="eager" href="ThoughtConduitWO.jar"/>
  </resources>
  <component-desc/>
  <security>
  �� <all-permissions/>
  </security>
  </jnlp>

  just a note - this may cause the problem:
  in the first jnlp file, you have codebase=".../ThoughtConduit.woa/wr", and
  <extension name="ThoughtConduit" href="ThoughtConduit.jnlp"/> , which makes the full reference to the extension jnlp file as:
  .../ThoughtConduit.woa/wr/ThoughtConduit.jnlp"
  but in the second jnlp file you show:
  <jnlp href=
  "...ThoughtConduit.woa/eowebstart/com.webobjects.eodistribution._EOWebStartAction/webStart/JavaClient.jnlp
  so the extension jnlp file re-references the main one as a pointer to itself.
  you should either omit the href in the extension jnlp file, or actually point to this file.
  /Dietz

• I was kicked out of my email (rcn) and can't get back in. It happened when I blocked all permissions on an ad in the inbox page. rcn said it's a mozilla issue.

  I had removed a pop up ad from my email inbox page and tried to do the same to another one on the opposite side of the page. I think this ad was not a pop up but part of the inbox page. As I did to the pop up ad, I right clicked on it, and then clicked on 'View Page Info'. I then went to the 'Permissions' window where there were 7 categories, all with the 'use default' option checked. I unchecked all of them and checked 'Blocked' for all 7.
  As soon as I closed the window, I was thrown out of my inbox and was sent back to the log-in page for my email. When I went to log back in, I was unable to. I am stuck on the log-in page and it won't let me access my inbox. I called RCN, my provider, who was able to get in right away. I then used my Internet Explorer browser and was able to get into my email inbox perfectly fine. The 'tech' at rcn said it has something to do with Mozilla and tried to get me to reset it but warned me that I will lose all settings. I am hesitant to do that and I would so appreciate you fine folks at Mozilla to tell me what happened and how to fix it.
  Thank you.

  You can undo your permission changes. Probably the most relevant one is cookies. Try one or both of these methods:
  (1) Page Info > Permissions tab
  While viewing a page on the site:
  * right-click and choose View Page Info > Permissions
  * Alt+t (open the classic Tools menu) > Page Info > Permissions
  (2) about:permissions
  In a new tab, type or paste '''about:permissions''' and press Enter. Allow a few moments for the list on the left to populate, as this information needs to be extracted from a database.
  Then type or paste ''rcn''' in the search box above the list to filter it to the most relevant domains. When you highlight a domain, you can adjust its permissions in the right pane.
  Any luck?