admin管理员组文章数量:1201180
I have a java program from which i would like to access a file that requires admin privileges. I use IntelliJ IDE for development and I would like to start the program from the IDE.
I have an EncryptionModule with two methods void encrypt(String password, String databaseName) and void decrypt(String password, String databaseName). The methods take the password and the path to the file provided by the user. It should be possible to encrypt/ decrypt a csv file or a mysql database.
It works with the csv file, but to encrypt the database I need to access the database table. The database is inside a docker container, thus I need admin privileges to access the table.
Without admin privileges the program says "File does not exist". Whats the output from the else case in the if clause in the encrypt/ decrypt method:
Path path = Paths.get(databaseName);
if (Files.exists(path)){
...
} else {
System.out.println("File does not exist");
}
I already tried to execute the IDE as root, but when I open the project, the IDE crashes. And I would prefer a solution without executing the whole IDE as root.
How do I grant the program the required privileges? Or is there another solution to what I want to do?
OS: Ubuntu, but it should work on Windows too.
Code:
package com.example.passwordsafe.data;
import com.example.passwordsafe.core.usecases.EncryptionModuleInterface;
import javax.crypto.*;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import java.io.*;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.*;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
public class EncryptionModule implements EncryptionModuleInterface {
private static final int ITERATION_COUNT = 1000000;
private static final int KEY_LENGTH = 256;
private static final String PBKDF_ALGORITHM = "PBKDF2WithHmacSHA1";
private static final String TRANSFORMATION = "AES/CBC/PKCS5Padding";
private static final String ALGORITHM = "AES";
@Override
public void encrypt(String password, String databaseName) {
Path path = Paths.get(databaseName);
if (Files.exists(path)){
File plaintextFile = new File(databaseName);
File encryptedFile = new File(databaseName + ".encrypted");
doEncryption(password, plaintextFile, encryptedFile);
plaintextFile.delete();
path = Paths.get(databaseName + ".encrypted");
try {
Files.move(path, path.resolveSibling(databaseName));
} catch (IOException e) {
throw new RuntimeException(e);
}
} else {
System.out.println("File does not exist");
}
}
@Override
public void decrypt(String password, String databaseName) {
Path path = Paths.get(databaseName);
if (Files.exists(path)){
File encryptedFile = new File(databaseName);
File plaintextFile = new File(databaseName + ".decrypted");
doDecryption(password, encryptedFile, plaintextFile);
encryptedFile.delete();
path = Paths.get(databaseName + ".decrypted");
try {
Files.move(path, path.resolveSibling(databaseName));
} catch (IOException e) {
throw new RuntimeException(e);
}
} else {
System.out.println("File does not exist");
}
}
private void doEncryption (String password, File inputFile, File outputFile) {
SecureRandom random = new SecureRandom();
byte[] salt = new byte[16];
random.nextBytes(salt);
KeySpec spec = new PBEKeySpec(password.toCharArray(), salt, ITERATION_COUNT, KEY_LENGTH);
try {
SecretKeyFactory factory = SecretKeyFactory.getInstance(PBKDF_ALGORITHM);
byte[] key = factory.generateSecret(spec).getEncoded();
SecretKeySpec keySpec = new SecretKeySpec(key, ALGORITHM);
byte[] ivBytes = new byte[16];
random.nextBytes(ivBytes);
IvParameterSpec iv = new IvParameterSpec(ivBytes);
Cipher cipher = Cipher.getInstance(TRANSFORMATION);
cipher.init(Cipher.ENCRYPT_MODE, keySpec, iv);
FileInputStream inputStream = new FileInputStream(inputFile);
byte[] inputBytes = new byte[(int) inputFile.length()];
inputStream.read(inputBytes);
byte[] encValue = cipher.doFinal(inputBytes);
byte[] finalCiphertext = new byte[encValue.length+2*16];
System.arraycopy(ivBytes, 0, finalCiphertext, 0, 16);
System.arraycopy(salt, 0, finalCiphertext, 16, 16);
System.arraycopy(encValue, 0, finalCiphertext, 32, encValue.length);
FileOutputStream outputStream = new FileOutputStream(outputFile);
outputStream.write(finalCiphertext);
inputStream.close();
outputStream.close();
} catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException | IllegalBlockSizeException |
IOException | BadPaddingException | InvalidKeySpecException | InvalidAlgorithmParameterException e) {
throw new RuntimeException(e);
}
}
private void doDecryption (String password, File inputFile, File outputFile) {
FileInputStream inputStream = null;
byte[] ivBytes = new byte[16];
byte[] salt = new byte[16];
byte[] readEncryptedBytesWithIvAndSaltPrefix;
try {
inputStream = new FileInputStream(inputFile);
readEncryptedBytesWithIvAndSaltPrefix = new byte[(int) inputFile.length()];
inputStream.read(readEncryptedBytesWithIvAndSaltPrefix);
} catch (IOException e) {
throw new RuntimeException(e);
}
byte[] inputBytes = new byte[readEncryptedBytesWithIvAndSaltPrefix.length - 32];
System.arraycopy(readEncryptedBytesWithIvAndSaltPrefix, 0, ivBytes, 0, 16);
System.arraycopy(readEncryptedBytesWithIvAndSaltPrefix, 16, salt, 0, 16);
System.arraycopy(readEncryptedBytesWithIvAndSaltPrefix, 32, inputBytes, 0, readEncryptedBytesWithIvAndSaltPrefix.length - 32);
KeySpec spec = new PBEKeySpec(password.toCharArray(), salt, ITERATION_COUNT, KEY_LENGTH);
try {
SecretKeyFactory factory = SecretKeyFactory.getInstance(PBKDF_ALGORITHM);
byte[] key = factory.generateSecret(spec).getEncoded();
SecretKeySpec keySpec = new SecretKeySpec(key, ALGORITHM);
IvParameterSpec iv = new IvParameterSpec(ivBytes);
Cipher cipher = Cipher.getInstance(TRANSFORMATION);
cipher.init(Cipher.DECRYPT_MODE, keySpec, iv);
byte[] encValue = cipher.doFinal(inputBytes);
FileOutputStream outputStream = new FileOutputStream(outputFile);
outputStream.write(encValue);
inputStream.close();
outputStream.close();
} catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException | IllegalBlockSizeException |
IOException | BadPaddingException | InvalidKeySpecException | InvalidAlgorithmParameterException e) {
throw new RuntimeException(e);
}
}
}
the method call in main:
String dbpath = "/var/lib/docker/volumes/d74a425c8728e5333a3472860c2b62a3e47a0b5655dd44cce1b4c47ac2c3b6b8/_data/password_safe/password_entries.ibd";
String password = "password";
encryptionModuleInterface.encrypt(password, dbpath);
I have a java program from which i would like to access a file that requires admin privileges. I use IntelliJ IDE for development and I would like to start the program from the IDE.
I have an EncryptionModule with two methods void encrypt(String password, String databaseName) and void decrypt(String password, String databaseName). The methods take the password and the path to the file provided by the user. It should be possible to encrypt/ decrypt a csv file or a mysql database.
It works with the csv file, but to encrypt the database I need to access the database table. The database is inside a docker container, thus I need admin privileges to access the table.
Without admin privileges the program says "File does not exist". Whats the output from the else case in the if clause in the encrypt/ decrypt method:
Path path = Paths.get(databaseName);
if (Files.exists(path)){
...
} else {
System.out.println("File does not exist");
}
I already tried to execute the IDE as root, but when I open the project, the IDE crashes. And I would prefer a solution without executing the whole IDE as root.
How do I grant the program the required privileges? Or is there another solution to what I want to do?
OS: Ubuntu, but it should work on Windows too.
Code:
package com.example.passwordsafe.data;
import com.example.passwordsafe.core.usecases.EncryptionModuleInterface;
import javax.crypto.*;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import java.io.*;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.*;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
public class EncryptionModule implements EncryptionModuleInterface {
private static final int ITERATION_COUNT = 1000000;
private static final int KEY_LENGTH = 256;
private static final String PBKDF_ALGORITHM = "PBKDF2WithHmacSHA1";
private static final String TRANSFORMATION = "AES/CBC/PKCS5Padding";
private static final String ALGORITHM = "AES";
@Override
public void encrypt(String password, String databaseName) {
Path path = Paths.get(databaseName);
if (Files.exists(path)){
File plaintextFile = new File(databaseName);
File encryptedFile = new File(databaseName + ".encrypted");
doEncryption(password, plaintextFile, encryptedFile);
plaintextFile.delete();
path = Paths.get(databaseName + ".encrypted");
try {
Files.move(path, path.resolveSibling(databaseName));
} catch (IOException e) {
throw new RuntimeException(e);
}
} else {
System.out.println("File does not exist");
}
}
@Override
public void decrypt(String password, String databaseName) {
Path path = Paths.get(databaseName);
if (Files.exists(path)){
File encryptedFile = new File(databaseName);
File plaintextFile = new File(databaseName + ".decrypted");
doDecryption(password, encryptedFile, plaintextFile);
encryptedFile.delete();
path = Paths.get(databaseName + ".decrypted");
try {
Files.move(path, path.resolveSibling(databaseName));
} catch (IOException e) {
throw new RuntimeException(e);
}
} else {
System.out.println("File does not exist");
}
}
private void doEncryption (String password, File inputFile, File outputFile) {
SecureRandom random = new SecureRandom();
byte[] salt = new byte[16];
random.nextBytes(salt);
KeySpec spec = new PBEKeySpec(password.toCharArray(), salt, ITERATION_COUNT, KEY_LENGTH);
try {
SecretKeyFactory factory = SecretKeyFactory.getInstance(PBKDF_ALGORITHM);
byte[] key = factory.generateSecret(spec).getEncoded();
SecretKeySpec keySpec = new SecretKeySpec(key, ALGORITHM);
byte[] ivBytes = new byte[16];
random.nextBytes(ivBytes);
IvParameterSpec iv = new IvParameterSpec(ivBytes);
Cipher cipher = Cipher.getInstance(TRANSFORMATION);
cipher.init(Cipher.ENCRYPT_MODE, keySpec, iv);
FileInputStream inputStream = new FileInputStream(inputFile);
byte[] inputBytes = new byte[(int) inputFile.length()];
inputStream.read(inputBytes);
byte[] encValue = cipher.doFinal(inputBytes);
byte[] finalCiphertext = new byte[encValue.length+2*16];
System.arraycopy(ivBytes, 0, finalCiphertext, 0, 16);
System.arraycopy(salt, 0, finalCiphertext, 16, 16);
System.arraycopy(encValue, 0, finalCiphertext, 32, encValue.length);
FileOutputStream outputStream = new FileOutputStream(outputFile);
outputStream.write(finalCiphertext);
inputStream.close();
outputStream.close();
} catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException | IllegalBlockSizeException |
IOException | BadPaddingException | InvalidKeySpecException | InvalidAlgorithmParameterException e) {
throw new RuntimeException(e);
}
}
private void doDecryption (String password, File inputFile, File outputFile) {
FileInputStream inputStream = null;
byte[] ivBytes = new byte[16];
byte[] salt = new byte[16];
byte[] readEncryptedBytesWithIvAndSaltPrefix;
try {
inputStream = new FileInputStream(inputFile);
readEncryptedBytesWithIvAndSaltPrefix = new byte[(int) inputFile.length()];
inputStream.read(readEncryptedBytesWithIvAndSaltPrefix);
} catch (IOException e) {
throw new RuntimeException(e);
}
byte[] inputBytes = new byte[readEncryptedBytesWithIvAndSaltPrefix.length - 32];
System.arraycopy(readEncryptedBytesWithIvAndSaltPrefix, 0, ivBytes, 0, 16);
System.arraycopy(readEncryptedBytesWithIvAndSaltPrefix, 16, salt, 0, 16);
System.arraycopy(readEncryptedBytesWithIvAndSaltPrefix, 32, inputBytes, 0, readEncryptedBytesWithIvAndSaltPrefix.length - 32);
KeySpec spec = new PBEKeySpec(password.toCharArray(), salt, ITERATION_COUNT, KEY_LENGTH);
try {
SecretKeyFactory factory = SecretKeyFactory.getInstance(PBKDF_ALGORITHM);
byte[] key = factory.generateSecret(spec).getEncoded();
SecretKeySpec keySpec = new SecretKeySpec(key, ALGORITHM);
IvParameterSpec iv = new IvParameterSpec(ivBytes);
Cipher cipher = Cipher.getInstance(TRANSFORMATION);
cipher.init(Cipher.DECRYPT_MODE, keySpec, iv);
byte[] encValue = cipher.doFinal(inputBytes);
FileOutputStream outputStream = new FileOutputStream(outputFile);
outputStream.write(encValue);
inputStream.close();
outputStream.close();
} catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException | IllegalBlockSizeException |
IOException | BadPaddingException | InvalidKeySpecException | InvalidAlgorithmParameterException e) {
throw new RuntimeException(e);
}
}
}
the method call in main:
String dbpath = "/var/lib/docker/volumes/d74a425c8728e5333a3472860c2b62a3e47a0b5655dd44cce1b4c47ac2c3b6b8/_data/password_safe/password_entries.ibd";
String password = "password";
encryptionModuleInterface.encrypt(password, dbpath);
- 2 Processes can't increase their permissions at run-time. You have tk start a separate process with evaluated privileges. Anyway a better solution seems to me to run the service also in the docker container or make the database accessible in a second docker container where your Java service runs. – Robert Commented Jan 21 at 20:31
1 Answer
Reset to default 0Using sudo command as a prefix. From the command line eg sudo mvn exec:java -Dexec.mainClass="com.example.Main"
You have to first install the EXEC plugin
<plugins>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>exec-maven-plugin</artifactId>
<version>1.6.0</version>
<executions>
<execution>
<goals>
<goal>java</goal>
</goals>
</execution>
</executions>
<configuration>
<mainClass>com.example.Main</mainClass>
</configuration>
</plugin>
</plugins>
本文标签: fileHow to grant a java program admin privileges during runtimeStack Overflow
版权声明:本文标题:file - How to grant a java program admin privileges during runtime - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1738600674a2102047.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论