Java Security, 2nd Edition by Scott Oaks

Type

java.io.FilePermission

Name

The name of the file that you want to operate on. Of course, filenames are platform-specific. Hence, /myclasses/xyz is a valid name for a file permission on a Unix system, but not on a Macintosh (where an equivalent name might be System Disk:myclasses:xyz). Because a backslash has special meaning to the code that parses a policy file, to specify a Microsoft Windows file you must use two backslashes: C:\\myclasses\\xyz.

It’s generally better to use a special syntax that specifies platform-independent names. The string ${/} is expanded at runtime to be the file separator symbol for the platform so that the string ${/}files${/}jre1.3${/}lib can be used to specify the same directory hierarchy on any platform. In addition, you can use any standard Java property when you specify a filename so that the string ${user.home}${/}.keystore will expand to /home/sdo/.keystore or C:\WINDOWS\ .keystore or whatever other platform-specific name is appropriate.

Two wildcard patterns are available for specifying filenames: an asterisk matches all files in a given directory and a hyphen matches all files that reside in a directory hierarchy. Hence the string ${user.home}${/}* matches all files that are in the user’s home directory, but no files that are in directories contained within the user’s home directory. The string ${user.home}${/}- matches any file in the user’s home directory and all of its subdirectories. If you want to match all ...