[
https://issues.apache.org/struts/browse/WW-2857?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=45200#action_45200
]
Musachy Barroso commented on WW-2857:
-------------------------------------
Why would we want to catch the exception in this case? If the props are
pointing to a location, which is forbidden, the exception is valid, as there is
a configuration problem.
> SecurityException accessing theme.properites
> --------------------------------------------
>
> Key: WW-2857
> URL: https://issues.apache.org/struts/browse/WW-2857
> Project: Struts 2
> Issue Type: Bug
> Reporter: Eddy Chan
> Fix For: 2.1.3
>
>
> With WW-1368 (https://issues.apache.org/struts/browse/WW-1368), a bug is
> introduced when security is enabled as the file system path for the
> theme.properties file may not be within the webapp and thus, requires a
> FilePermission to access the invalid path. Therefore, there needs to be a
> catch for a SecurityException. The method of the call is in
> org.apache.struts2.components.template.BaseTemplateEngine.getThemeProps(Template)
> and the call is propFile.exists().
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
