Hi Andrew,
>> You can be more precise if you want (e.g. just read permissions for
>> [dspace]/config/*
>
> That sounds alot more convenient than file by file.
>
>> http://tomcat.apache.org/tomcat-6.0-doc/security-manager-howto.html suggests
>> that it is only possible to have a single catalina.policy file for a tomcat
>> instance, not one per webapp.
>
> Well, I must admit, I am putting it into the global policy file for now. Maybe
> that's just as well.
>
> I think that a policy file needs to be included in the DSpace release for when
> people are using java6 with the stricter security. Shall I file this as a
> defect?
AFAIK, it is a Tomcat issue, not a DSpace or Java 6 issue. Tomcat has
supported the use of a security manager over many past versions, it is just
that some package distributions are starting to turn this on (-security
option) by default.
The best option for filing this would be to write and submit an example
security policy (under 'patches'), and we can add it to the documentation.
Thanks,
Stuart
_________________________________________________________________
Gwasanaethau Gwybodaeth Information Services
Prifysgol Aberystwyth Aberystwyth University
E-bost / E-mail: [email protected]
Ffon / Tel: (01970) 622860
_________________________________________________________________
------------------------------------------------------------------------------
This SF.net email is sponsored by:
SourcForge Community
SourceForge wants to tell your story.
http://p.sf.net/sfu/sf-spreadtheword
_______________________________________________
DSpace-tech mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dspace-tech
