cvs commit: jakarta-tomcat/src/share/org/apache/tomcat/modules/config PolicyInterceptor.java
billbarker2004/10/19 22:26:26
Modified:src/share/org/apache/tomcat/modules/config
PolicyInterceptor.java
Log:
Allow compilation with a 1.5 JDK
Revision ChangesPath
1.16 +2 -1
jakarta-tomcat/src/share/org/apache/tomcat/modules/config/PolicyInterceptor.java
Index: PolicyInterceptor.java
===
RCS file:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/modules/config/PolicyInterceptor.java,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- PolicyInterceptor.java25 Feb 2004 07:06:59 - 1.15
+++ PolicyInterceptor.java20 Oct 2004 05:26:25 - 1.16
@@ -27,6 +27,7 @@
import java.security.Permissions;
import java.security.Policy;
import java.security.ProtectionDomain;
+import java.security.cert.Certificate;
import java.util.Enumeration;
import java.util.PropertyPermission;
@@ -199,7 +200,7 @@
try {
File dir = new File(base);
URL url = new URL("file:" + dir.getAbsolutePath());
- CodeSource cs = new CodeSource(url,null);
+ CodeSource cs = new CodeSource(url,(Certificate [])null);
/* We'll construct permissions for Jasper.
Tomcat uses normal policy and URLClassLoader.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat/src/share/org/apache/tomcat/modules/config PolicyInterceptor.java
larryi 02/01/30 19:49:55
Modified:src/share/org/apache/tomcat/modules/config
PolicyInterceptor.java
Log:
Fix for Bug 4923.
FilePermission("/-","read") appears to give access to the
directory's contents and subdirectories, but doesn't grant direct access
to the directory. For example, exists() on the directory isn't granted. Adding
additionall FilePermissions to allow exists() on the web app's base and work
directories.
Revision ChangesPath
1.13 +11 -0
jakarta-tomcat/src/share/org/apache/tomcat/modules/config/PolicyInterceptor.java
Index: PolicyInterceptor.java
===
RCS file:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/modules/config/PolicyInterceptor.java,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- PolicyInterceptor.java22 Aug 2001 03:02:46 - 1.12
+++ PolicyInterceptor.java31 Jan 2002 03:49:55 - 1.13
@@ -174,12 +174,23 @@
// Add default write "-" FilePermission for docBase
fp = new FilePermission(base + File.separator + "-", "write");
p.add(fp);
+
+// Add read permission for the directory itself, needed to use
+// exists() on the directory
+fp = new FilePermission(base,"read");
+p.add(fp);
+
fp = new FilePermission(context.getWorkDir() + File.separator + "-",
"read");
p.add(fp);
fp = new FilePermission(context.getWorkDir() + File.separator + "-",
"write");
p.add(fp);
+
+// Add read permission for the work directory itself, needed to use
+// exists() on the directory
+fp = new FilePermission(context.getWorkDir().toString(),"read");
+p.add(fp);
// Read on the common and apps dir
fp = new FilePermission(cm.getInstallDir() + File.separator +
--
To unsubscribe, e-mail:
For additional commands, e-mail:
cvs commit: jakarta-tomcat/src/share/org/apache/tomcat/modules/config PolicyInterceptor.java
costin 01/08/21 20:02:46
Modified:src/share/org/apache/tomcat/modules/config
PolicyInterceptor.java
Log:
Better messages, more checks.
Revision ChangesPath
1.12 +10 -3
jakarta-tomcat/src/share/org/apache/tomcat/modules/config/PolicyInterceptor.java
Index: PolicyInterceptor.java
===
RCS file:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/modules/config/PolicyInterceptor.java,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- PolicyInterceptor.java2001/08/21 05:10:38 1.11
+++ PolicyInterceptor.java2001/08/22 03:02:46 1.12
@@ -98,12 +98,16 @@
BaseInterceptor module)
throws TomcatException
{
- // Just override parent
+ // Just override parent
}
/** Set the security manager, so that policy will be used
*/
public void engineInit(ContextManager cm) throws TomcatException {
+ initSecurityManager( cm );
+}
+
+public void initSecurityManager(ContextManager cm) throws TomcatException {
if( System.getSecurityManager() != null ) return;
try {
if( null == System.getProperty("java.security.policy")) {
@@ -134,13 +138,16 @@
Class c=Class.forName(securityManagerClass);
Object o=c.newInstance();
Policy.getPolicy().refresh();
+
System.setSecurityManager((SecurityManager)o);
- log("Security Manager set to " + securityManagerClass +
- " " + System.getProperty("java.security.policy"));
+ log("SANDBOX mode enabled");
+ if( ! "java.lang.SecurityManager".equals(securityManagerClass) )
+ log( "Security Manager=" + securityManagerClass);
} catch( ClassNotFoundException ex ) {
log("SecurityManager Class not found: " +
securityManagerClass, Log.ERROR);
} catch( Exception ex ) {
+ ex.printStackTrace();
log("SecurityManager Class could not be loaded: " +
securityManagerClass, Log.ERROR);
}
cvs commit: jakarta-tomcat/src/share/org/apache/tomcat/modules/config PolicyInterceptor.java ServerXmlReader.java
costin 01/02/08 23:49:10
Modified:src/share/org/apache/tomcat/modules/config
PolicyInterceptor.java ServerXmlReader.java
Log:
- small fix in ServerXmlReader
- canonical path in PolicyInterceptor
Revision ChangesPath
1.7 +12 -4
jakarta-tomcat/src/share/org/apache/tomcat/modules/config/PolicyInterceptor.java
Index: PolicyInterceptor.java
===
RCS file:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/modules/config/PolicyInterceptor.java,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- PolicyInterceptor.java2001/02/01 05:18:56 1.6
+++ PolicyInterceptor.java2001/02/09 07:49:09 1.7
@@ -106,11 +106,19 @@
if( System.getSecurityManager() != null ) return;
try {
if( null == System.getProperty("java.security.policy")) {
+ File f=null;
if( policyFile==null ) {
- // XXX ugly API - change CM
- File f= new File(cm.getHome(), "conf/tomcat.policy");
- policyFile=f.getPath();
- }
+ policyFile="conf/tomcat.policy";
+ }
+
+ if( FileUtil.isAbsolute(policyFile))
+ f=new File(policyFile);
+ else
+ f=new File(cm.getHome() + File.separator +
+policyFile);
+ try {
+ policyFile=f.getCanonicalPath();
+ } catch(IOException ex ) {}
log("Setting policy file to " + policyFile);
System.setProperty("java.security.policy",
policyFile);
1.5 +7 -3
jakarta-tomcat/src/share/org/apache/tomcat/modules/config/ServerXmlReader.java
Index: ServerXmlReader.java
===
RCS file:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/modules/config/ServerXmlReader.java,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- ServerXmlReader.java 2001/02/06 06:45:05 1.4
+++ ServerXmlReader.java 2001/02/09 07:49:10 1.5
@@ -162,7 +162,7 @@
public static void setTagRules( XmlMapper xh ) {
xh.addRule( "module", new XmlAction() {
- public void end(SaxContext ctx ) throws Exception {
+ public void start(SaxContext ctx ) throws Exception {
Object elem=ctx.currentObject();
AttributeList attributes = ctx.getCurrentAttributes();
String name=attributes.getValue("name");
@@ -178,9 +178,12 @@
public static void addDefaultTags( ContextManager cm, XmlMapper xh)
throws TomcatException
{
+ if( cm.getNote( "modules" ) != null )
+ return;
File f=new File( cm.getHome(), "/conf/modules.xml");
if( f.exists() ) {
-cm.setNote( "configFile", f.getAbsoluteFile());
+ //cm.setNote( "configFile", f.getAbsoluteFile());
+ cm.setNote( "modules", new Hashtable());
loadConfigFile( xh, f, cm );
// load module-*.xml
Vector v = getUserConfigFiles(f);
@@ -195,7 +198,7 @@
// similar with ant's taskdef
public static void addTag( XmlMapper xh, String tag, String classN) {
xh.addRule( tag ,
- xh.objectCreate( null, classN ));
+ xh.objectCreate( classN, null ));
xh.addRule( tag ,
xh.setProperties());
xh.addRule( tag,
@@ -277,3 +280,4 @@
}
+
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat/src/share/org/apache/tomcat/modules/config PolicyInterceptor.java
costin 01/01/31 21:18:57
Modified:src/share/org/apache/tomcat/modules/config
PolicyInterceptor.java
Log:
Add permission to write in the temp dir and it's own directory.
( watchdog does that, and it's not bad )
Revision ChangesPath
1.6 +13 -3
jakarta-tomcat/src/share/org/apache/tomcat/modules/config/PolicyInterceptor.java
Index: PolicyInterceptor.java
===
RCS file:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/modules/config/PolicyInterceptor.java,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- PolicyInterceptor.java2001/01/25 05:07:36 1.5
+++ PolicyInterceptor.java2001/02/01 05:18:56 1.6
@@ -143,11 +143,21 @@
}
// Add default read "-" FilePermission for docBase, classes, lib
- // Default per context permissions
FilePermission fp = new FilePermission(base + File.separator + "-",
"read");
- if( fp != null )
- p.add((Permission)fp);
+ p.add(fp);
+
+ // Add default write "-" FilePermission for docBase
+ fp = new FilePermission(base + File.separator + "-",
+ "write");
+ p.add(fp);
+ fp = new FilePermission(context.getWorkDir() + File.separator + "-",
+ "read");
+ p.add(fp);
+ fp = new FilePermission(context.getWorkDir() + File.separator + "-",
+ "write");
+ p.add(fp);
+
// JspFactory.getPageContext() runs in JSP Context and needs the below
// permission during the init of a servlet generated from a JSP.
PropertyPermission pp = new PropertyPermission("line.separator","read");
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
