Matt, Your best bet is to read the security manager documentation provided as part of the SDK. It should be located in JAVA_HOME\docs\guide\security\permissions.html and JAVA_HOME\docs\guide\security\PolicyFiles.html
I can't remember if these docs are part of the standard download or whether you need to download the separate docs package. Bear in mind that tomcat might need some of the permissions you are looking to restrict. The sample security policy file provided (TOMCAT_HOME\conf\catalina.policy) provides more details. One option would be to just restrict the deployed web applications rather than the entire tomcat installation. Again, see catalina.policy for more information. Regards, Mark > -----Original Message----- > From: Matt Anderson [mailto:[EMAIL PROTECTED] > Sent: Sunday, March 21, 2004 4:54 AM > To: [EMAIL PROTECTED] > Subject: Security > > Hi All, > This is the first time I have used this list so this > question may have > been asked many times before, however I tried to download > previous message > but were unsucessful. My question is, how do you configure > the security > manager to disable things like System.exit() and > Runtime.exec() and even > some of the java.io.* package functions. I have read the > how-to and I am > still a little confused. I would appreciate any guidance on > this and any > examples too. Thank you all for taking the time to read this > and I look > forward to your response. > > Kindest Regards, > Matt Anderson > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
