glenn 01/11/25 13:05:47
Modified: catalina/src/conf catalina.policy
Log:
Tomcat 4 Java SecurityManager updates:
Removed granting AllPermission to privileged webapps within Tomcat
and moved back out into catalina.policy.
Wrapped ContainerBase.addChild() with a doPrivileged to keep instances
of Tomcat which use a very strict security policy happy.
Revision Changes Path
1.17 +19 -1 jakarta-tomcat-4.0/catalina/src/conf/catalina.policy
Index: catalina.policy
===================================================================
RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/conf/catalina.policy,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- catalina.policy 2001/11/19 13:51:03 1.16
+++ catalina.policy 2001/11/25 21:05:47 1.17
@@ -8,7 +8,7 @@
//
// * Read access to the document root directory
//
-// $Id: catalina.policy,v 1.16 2001/11/19 13:51:03 glenn Exp $
+// $Id: catalina.policy,v 1.17 2001/11/25 21:05:47 glenn Exp $
// ============================================================================
@@ -73,6 +73,24 @@
permission java.security.AllPermission;
};
+// These permissions apply to the privileged admin and manager web applications
+grant codeBase
"jar:file:${catalina.home}/server/webapps/admin/WEB-INF/lib/jasper-compiler.jar!/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase
"jar:file:${catalina.home}/server/webapps/admin/WEB-INF/lib/jasper-runtime.jar!/-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase
"jar:file:${catalina.home}/server/webapps/manager/WEB-INF/lib/jasper-compiler.jar!/
+-" {
+ permission java.security.AllPermission;
+};
+
+grant codeBase
"jar:file:${catalina.home}/server/webapps/manager/WEB-INF/lib/jasper-runtime.jar!/-
+" {
+ permission java.security.AllPermission;
+};
// ========== WEB APPLICATION PERMISSIONS =====================================
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
