Remy Maucherat wrote:
If you give the appropriate permissions to allow SSI and CGI, you're
actually giving AllPermissions anyway (since you're allowing a native
script
or executable to run, which is not constrained by the Java sandbox), so
I'm
missing the point here.
Yes, once
Currently, all supporting jar files for servlets which come with Tomcat 4
are placed in the $CATALINA_HOME/server/lib directory with the Tomcat 4
core jar files. This is a potential security problem because the default
catalina.policy grants AllPermission to all jar files located in
