jfarcand 2003/07/31 17:32:40 Modified: catalina/src/conf catalina.policy Log: Fix for bug 22032: missing security-policy in default-configuration. Precompiled JSPs running under the security manager always have to access org.apache.jasper.runtime.* classes. With the package protection mechanism turned on, those precompiled JSPs are being rejected by the security manager. The solution is to grant access to org.apache.jasper.runtime.* (unfortunatly there is no othe rway). Submitted by: Matthias Mezger ( mezger at gmx.de ) Revision Changes Path 1.9 +27 -22 jakarta-tomcat-catalina/catalina/src/conf/catalina.policy Index: catalina.policy =================================================================== RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/conf/catalina.policy,v retrieving revision 1.8 retrieving revision 1.9 diff -u -r1.8 -r1.9 --- catalina.policy 13 Dec 2002 21:57:26 -0000 1.8 +++ catalina.policy 1 Aug 2003 00:32:40 -0000 1.9 @@ -70,25 +70,25 @@ // In addition, a web application will be given a read FilePermission // and JndiPermission for all files and directories in its document root. grant { - // Required for JNDI lookup of named JDBC DataSource's and - // javamail named MimePart DataSource used to send mail - permission java.util.PropertyPermission "java.home", "read"; - permission java.util.PropertyPermission "java.naming.*", "read"; - permission java.util.PropertyPermission "javax.sql.*", "read"; - - // OS Specific properties to allow read access - permission java.util.PropertyPermission "os.name", "read"; - permission java.util.PropertyPermission "os.version", "read"; - permission java.util.PropertyPermission "os.arch", "read"; - permission java.util.PropertyPermission "file.separator", "read"; - permission java.util.PropertyPermission "path.separator", "read"; - permission java.util.PropertyPermission "line.separator", "read"; - - // JVM properties to allow read access - permission java.util.PropertyPermission "java.version", "read"; - permission java.util.PropertyPermission "java.vendor", "read"; - permission java.util.PropertyPermission "java.vendor.url", "read"; - permission java.util.PropertyPermission "java.class.version", "read"; + // Required for JNDI lookup of named JDBC DataSource's and + // javamail named MimePart DataSource used to send mail + permission java.util.PropertyPermission "java.home", "read"; + permission java.util.PropertyPermission "java.naming.*", "read"; + permission java.util.PropertyPermission "javax.sql.*", "read"; + + // OS Specific properties to allow read access + permission java.util.PropertyPermission "os.name", "read"; + permission java.util.PropertyPermission "os.version", "read"; + permission java.util.PropertyPermission "os.arch", "read"; + permission java.util.PropertyPermission "file.separator", "read"; + permission java.util.PropertyPermission "path.separator", "read"; + permission java.util.PropertyPermission "line.separator", "read"; + + // JVM properties to allow read access + permission java.util.PropertyPermission "java.version", "read"; + permission java.util.PropertyPermission "java.vendor", "read"; + permission java.util.PropertyPermission "java.vendor.url", "read"; + permission java.util.PropertyPermission "java.class.version", "read"; permission java.util.PropertyPermission "java.specification.version", "read"; permission java.util.PropertyPermission "java.specification.vendor", "read"; permission java.util.PropertyPermission "java.specification.name", "read"; @@ -100,11 +100,16 @@ permission java.util.PropertyPermission "java.vm.vendor", "read"; permission java.util.PropertyPermission "java.vm.name", "read"; - // Required for OpenJMX - permission java.lang.RuntimePermission "getAttribute"; + // Required for OpenJMX + permission java.lang.RuntimePermission "getAttribute"; // Allow read of JAXP compliant XML parser debug permission java.util.PropertyPermission "jaxp.debug", "read"; + + // Precompiled JSPs need access to this package. + permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.runtime"; + permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.runtime.*"; + };
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]