Fixed in Lucid as of 6.0.24-2 (does not use a securitymanager by
default)
** Changed in: tomcat6 (Ubuntu)
Status: Triaged = Fix Released
--
Security manager breaks session listing
https://bugs.launchpad.net/bugs/509528
You received this bug notification because you are a member of Ubuntu
Tomcat 6.0.24-2 packaged for Debian now disables the security manager by
default. It should solve this bug.
--
Security manager breaks session listing
https://bugs.launchpad.net/bugs/509528
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to
The security manager is causing lots of usability issues because it's
difficult to get right, for little additional security (since we run as
an unprivileged user). Upstream tomcat disables it by default. For
Lucid, we are also considering disabling it by default (it will still be
an option for
tomcat6-admin should ship its own policy file in /etc/tomcat6/policy.d,
something like:
grant codeBase file:/usr/share/tomcat6-admin/manager/- {
permission java.lang.RuntimePermission
accessClassInPackage.org.apache.catalina;
permission java.lang.RuntimePermission
** Changed in: tomcat6 (Ubuntu)
Importance: Undecided = Medium
** Changed in: tomcat6 (Ubuntu)
Status: New = Triaged
--
Security manager breaks session listing
https://bugs.launchpad.net/bugs/509528
You received this bug notification because you are a member of Ubuntu
Server Team,
** Attachment added: AccessControlException stacktrace when opening the
session list
http://launchpadlibrarian.net/38076021/sessionlist-stacktrace.txt
--
Security manager breaks session listing
https://bugs.launchpad.net/bugs/509528
You received this bug notification because you are a
