[Php-java-bridge-users] RE: Get output from JAVA-CLASS

[<php...@li...>]

Hi,

> I create a object of a
> custom class which does some output by
> System.out.println and System.err.println.

If you have set up the j2ee backend, the output
appears in the j2ee server's log file(s). It is not
possible to redirect that.

If you use the standalone backend, you can use:

$System = new JavaClass("java.lang.System");
$memoryBuffer = new
Java("java.io.ByteArrayOutputStream");
$System->setOut(new Java("java.io.PrintStream",
$memoryBuffer));
// invoke your app ...
$result = $memoryBuffer->toString();
echo $result;

Regarding your other question, how to create a file so
that it belongs to the user running the php instance,
please see the ellipse.php example:
http://cvs.sourceforge.net/viewcvs.py/php-java-bridge/php-java-bridge/examples/XML/ellipse.php?rev=1.1&view=markup

This example creates a memory buffer and then writes
it via fopen/fwrite.

I think I should also say something about security
(creating files in the document root with root
permissions sounds scary).

When the backend is running as root, everything is
possible, reading and writing /etc/passwd, /etc/shadow
and so on. These permissions are switched off when SEL
is enabled in the linux kernel or when a java policy
file is used:

<?php
$f = new java("java.io.FileInputStream",
"/etc/shadow");
for($i=0; $i<100; $i++) echo chr($f->read());
$f->close();
?>

setenforce 0
php snoop.php
=> contents of /etc/shadow

setenforce 1
php snoop.php
=> CreateInstance failed: new
java.io.FileInputStream((String)o(String)). Cause:
java.io.FileNotFoundException: /etc/shadow (Permission
denied)"]

So I suggest to install the SEL policy files. If you
don't have SEL, deploy the j2ee backend into a J2EE
server with a reasonable java policy file. The Sun
application server has a very restrictive policy, for
example.


Regards,
Jost Boekemeier



	

	
		
___________________________________________________________ 
Telefonate ohne weitere Kosten vom PC zum PC: http://messenger.yahoo.de