The module includes the following security components:
Under some circumstances, the org.globus.util.Util.setFilePermissions() and the org.globus.util.ConfigUtil.getUID() functions execute an external program; thus, its behavior is influenced by environment variables such as the caller's PATH and the environment variables that control dynamic loading. Care should be used if calling these functions from a program that will be run as a Unix setuid program, or in any other manner in which the owner of the Unix process does not completely control its runtime environment.
Since Java does not provide an API for setting the permissions of a file, the Java CoG Kit will attempt to execute the /bin/chmod program in the background to set the permissions of the given file. If that program cannot be executed for any reason or fails to execute correctly, a proxy file might end up with incorrect file permissions (depending on umask setting). Usually a warning will be displayed if that occurs (especially on Windows since /bin/chmod is not supported on that platform).