of course it's not a bug in java! but the permissin you tomcat/jetty/whatever is running with!
kiuma On 5/18/07, Peter Dawn <[EMAIL PROTECTED]> wrote:
guys, this is a general java question, but since i am using tapestry i thought i will raise it here. i am using tap3. now whats happening is, that i am running a postgres backup command from within my tapestry web app. the user enters a folder location in a form, which i grab and run the postgres backup command and backup this backedup file at that location. so its a general tapestry form implementation and java io. now when the user submits the location, i check if the location exists using .exists() and only then perform the backup. now my concern is that i can backup files to folders the user does not have access to. i mean if using windows explorer, i set the access permissions to a set folder, as full control deny all (read, write etc) by me, and then if i click on it it says the folder is inaccessible, access denied. now if i enter this location in my tapestry form, the system performs a backup and generates the required backup file in that folder, even though i do not have access rights to that folder and cant access it. so i guess my question is, this a bug in java, postgres or its actually meant to happen. and how can i tell the user that the system cannot write to the folder as you dont have access permissions to it. any help please. thanks. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
