Hi (back to list, I assume that was the intention), On Fri, Nov 30, 2012 at 2:10 PM, Reto Bachmann-Gmür <[email protected]> wrote: > On Nov 30, 2012 1:54 PM, "Bertrand Delacretaz" <[email protected]> > wrote: >>...I wouldn't blindly expose >> everything that's under /resources, either use a stanbol-specific name >> or a bundle header, to avoid surprises. > > It's META-INF/resources so its unlikely you choose this as alocation for > your private key and if that's the standard introduced by servlet 3.0 spec I > wouldn't why stanbol should be more restrictive. I'd suggest to just add > support for this ans expose this dir for all bundles (but not for jars > netsted in bundles)....
Fine with me - it's not me who cares much about Stanbol security anyway ;-) -Bertrand
