Re: Tomcat + Hibernate2 + Security Manager

2004-01-28 Thread Webmaster
Hi ! On Tue, 27 Jan 2004 12:14:16 -0500, Jeanfrancois Arcand [EMAIL PROTECTED] escreveu: De: Jeanfrancois Arcand [EMAIL PROTECTED] Data: Tue, 27 Jan 2004 12:14:16 -0500 Para: Tomcat Users List [EMAIL PROTECTED] Assunto: Re: Tomcat + Hibernate2 + Security Manager Webmaster wrote

Re: Tomcat + Hibernate2 + Security Manager

2004-01-28 Thread Jeanfrancois Arcand
Webmaster wrote: Hi ! On Tue, 27 Jan 2004 12:14:16 -0500, Jeanfrancois Arcand [EMAIL PROTECTED] escreveu: De: Jeanfrancois Arcand [EMAIL PROTECTED] Data: Tue, 27 Jan 2004 12:14:16 -0500 Para: Tomcat Users List [EMAIL PROTECTED] Assunto: Re: Tomcat + Hibernate2 + Security Manager

Tomcat + Hibernate2 + Security Manager

2004-01-27 Thread Webmaster
Hi all, I know this is a little bit out of topic, but the general concept is useful for everybody. I run tomcat with security manager for a dozen users. Recently, people started to use the hibernate 2 which requires some funky permissions. I had to put these lines in the 'global' permission

RE: Tomcat + Hibernate2 + Security Manager

2004-01-27 Thread Shapira, Yoav
Howdy, I know this is a little bit out of topic, but the general concept is useful for everybody. I agree this is useful for everyone. Posting off-topic is fine as long as you mark it by placing [OFF-TOPIC] at the beginning of the subject line. Note: I DID test using a codebase like: grant

[OT] RE: Tomcat + Hibernate2 + Security Manager

2004-01-27 Thread Webmaster
, 27 Jan 2004 12:04:21 -0500, Shapira, Yoav [EMAIL PROTECTED] escreveu: De: Shapira, Yoav [EMAIL PROTECTED] Data: Tue, 27 Jan 2004 12:04:21 -0500 Para: Tomcat Users List [EMAIL PROTECTED] Assunto: RE: Tomcat + Hibernate2 + Security Manager Howdy, I know this is a little bit out of topic

RE: [OT] RE: Tomcat + Hibernate2 + Security Manager

2004-01-27 Thread Shapira, Yoav
Howdy, Could you give an example of how a malicious code could affect the security of the JVM ? You mean in general? How about System.exit()? Usually I have a codebase policy like this for each user: permission java.io.FilePermission /home/client/public_html/-, read,write,delete; I guess

Re: Tomcat + Hibernate2 + Security Manager

2004-01-27 Thread Jeanfrancois Arcand
Webmaster wrote: Hi all, I know this is a little bit out of topic, but the general concept is useful for everybody. I run tomcat with security manager for a dozen users. Recently, people started to use the hibernate 2 which requires some funky permissions. I had to put these lines in the

RE: Tomcat + Hibernate2 + Security Manager

2004-01-27 Thread Mike Curwen
FYI: This has also been discussed here: http://freeroller.net/page/jcarreira/20040126 -Original Message- From: Shapira, Yoav [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 27, 2004 11:04 AM To: Tomcat Users List Subject: RE: Tomcat + Hibernate2 + Security Manager Howdy