+1 on the proposal. However I'm not sure about the change on o.a.t.util, and neither the other jk packages.
I do agree the package should be sealed to protect package fields and methods. But I don't think it should be restricted - or at least it should be possible for webapps to include the package in WEB-INF/lib and use it as a library. ( i.e. package.access should be true for it ). Costin Jean-Francois Arcand wrote: > Hi, > > I've re-factored Catalina.java and CatalinaService.java and merge the > security code into a single class: o.a.c.security.SecurityConfig. This > class will manage all the package access/definition security properties. > > Actually, the list of package access/definition are harcoded in that > class. I would like to propose we move this package list into a > Tomcat.security file following the J2SE format (see below). This way if > people needs accesses to a package, they will have the opportunity to do > it with having to recompile Catalina. > > Righ now, some Watchdog tests are failling because they need accesses to > o.a.t.util, and yesterday, we have started protecting this package. > > What do you think? I know, that's another config file (I don't like > having another file). I don't see where we could place that information. > > Thanks, > > -- Jeanfrancois > > # > # List of comma-separated packages that start with or equal this string > # will cause a security exception to be thrown when > # passed to checkPackageAccess unless the > # corresponding RuntimePermission ("accessClassInPackage."+package) has > # been granted. > package.access=sun. > > # > # List of comma-separated packages that start with or equal this string > # will cause a security exception to be thrown when > # passed to checkPackageDefinition unless the > # corresponding RuntimePermission ("defineClassInPackage."+package) has > # been granted. > # > # by default, no packages are restricted for definition, and none of > # the class loaders supplied with the JDK call checkPackageDefinition. > # > #package.definition= -- Costin -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>