I need to implement, in principle for JServ 1.1, a SecurityManager which
essentially keeps all servlets of a given VM chrooted, in the sense that
these should ideally only be allowed to:

- read files under a certain canonical path
- write files under another canon. path

I was going to investigate which SecurityManager implementation and setup
would be appropriate in order to allow JServ to work, while at the same time
providing at least part of the above protection. I'm thinking of adding a
configuration parameter of "securitymanager" or similar and, if set,
instantiating and setting the custom security manager at some place, maybe
after calling start() at org.apache.jserv.JServ.

The custom SecurityManager should have the above limitations, but also allow
reading the repositories (needed by JServ) and listening on any port above
1024 (also needed). Probably other things, too.

But before I reinvent the wheel (something which not only makes one lose
time, but is also known to often yield square wheels), I was wondering if
anyone had already done this, or could at least point out if I missed
something. This kind of setup is essential for any ISP, so it is likely that
someone already worked on it.

Please note that I'm using JDK1.1, though JDK1.2-specific information would
be welcome too.

Thanks,

Carlos
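
A minimal sketch of the SecurityManager described in the message above, added as an illustration; it is not part of the original post and not JServ code. The class name and constructor arguments are hypothetical, and only the file and listen checks named in the post are shown.

```java
import java.io.File;
import java.io.IOException;

// Added illustration, not JServ code; class name and constructor are hypothetical.
public class ChrootSecurityManager extends SecurityManager {
    private final String readRoot;       // canonical directory servlets may read
    private final String writeRoot;      // canonical directory servlets may write
    private final String[] repositories; // canonical servlet repositories, read-only

    public ChrootSecurityManager(String readDir, String writeDir, String[] repos)
            throws IOException {
        readRoot = new File(readDir).getCanonicalPath();
        writeRoot = new File(writeDir).getCanonicalPath();
        repositories = new String[repos.length];
        for (int i = 0; i < repos.length; i++) {
            repositories[i] = new File(repos[i]).getCanonicalPath();
        }
    }

    // True if path, with "." / ".." and symlinks resolved, is root or lies below it.
    // Matching on root + separator keeps /srv/a from also admitting /srv/ab.
    static boolean isUnder(String root, String path) {
        String canon;
        try {
            canon = new File(path).getCanonicalPath();
        } catch (IOException e) {
            return false; // unresolvable path: deny
        }
        String prefix = root.endsWith(File.separator) ? root : root + File.separator;
        return canon.equals(root) || canon.startsWith(prefix);
    }

    public void checkRead(String file) {
        if (isUnder(readRoot, file)) return;
        for (int i = 0; i < repositories.length; i++) {
            if (isUnder(repositories[i], file)) return;
        }
        throw new SecurityException("read denied: " + file);
    }

    public void checkWrite(String file) {
        if (!isUnder(writeRoot, file)) throw new SecurityException("write denied: " + file);
    }

    public void checkDelete(String file) { checkWrite(file); }

    public void checkListen(int port) {
        if (port <= 1024) throw new SecurityException("listen denied: port " + port);
    }
}
```

The checks apply to every caller, JServ itself included; distinguishing servlet code from container code (class-loader depth in JDK 1.1, protection domains in JDK 1.2) is left out.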