Joe Flowers wrote:
>
> > > I want to create a bunch of user/programmer subdirectories like
> > >
> > > "/usr/tomcat/jakarta-tomcat-3.2.2/webapps/ROOT/WEB-INF/classes/joe/"
> > > "/usr/tomcat/jakarta-tomcat-3.2.2/webapps/ROOT/WEB-INF/classes/tom/"
> > > "/usr/tomcat/jakarta-tomcat-3.2.2/webapps/ROOT/WEB-INF/classes/henry/"
> > > etc.
> > >
> > > so that I can grant all servlets in these directories and subdirectories
> > > read/write access to their own separate directory structure so they
> > > won't be able to write over anyone elses files, including the "system"
> > > files, of course.
> > >
> >
> > The above isn't possible with the Java SecurityManager.
> > A permission is granted to a CodeBase, all classes in WEB-INF have the
> > same CodeBase.
>
> Thanks a lot Glenn!
>
> In your above comment, did you mean that it "isn't possible with the
> Java SecurityManager" with Tomcat 3.x or 4.x or both?
>
It isn't possible at all for any application.
In case you have questions in the future, you may want to refer to the
presentation I did on Tomcat Server and Application Security at ApacheCon
2001.
http://www.more.net/events/apachecon2001/
Regards,
Glenn
----------------------------------------------------------------------
Glenn Nielsen [EMAIL PROTECTED] | /* Spelin donut madder |
MOREnet System Programming | * if iz ina coment. |
Missouri Research and Education Network | */ |
----------------------------------------------------------------------