Howdy, Hmm... That's a badly coded webapp because it's not portable, specific to tomcat.
Implications: slightly reduced security in case there's a bug in the org.apache.catalina.session class/package that the webapp is exploiting. I haven't heard of such a bug, but who knows. Don't give this access unless you have to. Instead, the user should not write their webapp to use any tomcat-specific (or for that matter, server-specific) classes. Their webapp should be coded to the servlet specification. Yoav Shapira Millennium ChemInformatics >-----Original Message----- >From: webmaster [mailto:[EMAIL PROTECTED] >Sent: Monday, September 22, 2003 6:19 PM >To: Tomcat Users List >Subject: Special permission in a webapp. > >Hi all, > >I have a user that needs the following permission in its webapp. > >java.lang.RuntimePermission >accessClassInPackage.org.apache.catalina.session > >What are the implications of giving up such a permission ? > >Thanks !! > >--------------------------------------------------------------------- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
