[
https://issues.apache.org/jira/browse/HADOOP-5740?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12703159#action_12703159
]
Steve Loughran commented on HADOOP-5740:
----------------------------------------
Both jetty and RMI make assumptions that aren't valid, and as as they are code
that isnt in the hadoop repository, it is up to the hadoop code to be changed
to come to terms with their (mistaken) assumptions.
I'm also adding my own code that tests the current policy and tries to add to
it, printing out some diagnostics (including the classname) if it isn't
writable. This is handy as the current policy may change over time.
Is it ok to return a new empty permission collection on the
getPermissions(CodeSource) call? It won't impact hadoop's own code.
> Hadoop JSP pages don't work under a security manager
> ----------------------------------------------------
>
> Key: HADOOP-5740
> URL: https://issues.apache.org/jira/browse/HADOOP-5740
> Project: Hadoop Core
> Issue Type: Bug
> Components: fs, mapred
> Affects Versions: 0.21.0
> Reporter: Steve Loughran
> Assignee: Steve Loughran
> Priority: Minor
>
> When you run Hadoop under a security manager that says "yes" to all security
> checks, you get stack traces when Jetty tries to initialise the JSP engine.
> Which implies you can't use Jasper under a security manager
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
