+1 on the proposal.
However I'm not sure about the change on o.a.t.util, and neither the
other jk packages.
I do agree the package should be sealed to protect package fields
and methods. But I don't think it should be restricted - or at least
it should be possible for webapps to include the package in WEB-INF/lib
and use it as a library. ( i.e. package.access should be true for
it ).
Costin
Jean-Francois Arcand wrote:
> Hi,
>
> I've re-factored Catalina.java and CatalinaService.java and merge the
> security code into a single class: o.a.c.security.SecurityConfig. This
> class will manage all the package access/definition security properties.
>
> Actually, the list of package access/definition are harcoded in that
> class. I would like to propose we move this package list into a
> Tomcat.security file following the J2SE format (see below). This way if
> people needs accesses to a package, they will have the opportunity to do
> it with having to recompile Catalina.
>
> Righ now, some Watchdog tests are failling because they need accesses to
> o.a.t.util, and yesterday, we have started protecting this package.
>
> What do you think? I know, that's another config file (I don't like
> having another file). I don't see where we could place that information.
>
> Thanks,
>
> -- Jeanfrancois
>
> #
> # List of comma-separated packages that start with or equal this string
> # will cause a security exception to be thrown when
> # passed to checkPackageAccess unless the
> # corresponding RuntimePermission ("accessClassInPackage."+package) has
> # been granted.
> package.access=sun.
>
> #
> # List of comma-separated packages that start with or equal this string
> # will cause a security exception to be thrown when
> # passed to checkPackageDefinition unless the
> # corresponding RuntimePermission ("defineClassInPackage."+package) has
> # been granted.
> #
> # by default, no packages are restricted for definition, and none of
> # the class loaders supplied with the JDK call checkPackageDefinition.
> #
> #package.definition=
--
Costin
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
