Unix permissions do take precedence over java security policy. Regards, Rossen
> -----Original Message----- > From: Richard Smith [mailto:[EMAIL PROTECTED]] > Sent: Sunday, August 18, 2002 11:12 PM > To: [EMAIL PROTECTED] > Subject: tomcat/unix security manager questions > > > > Hi All, > > Just wondering if you could help me clarify a few questions I > have about > tomcat > and catalina.policy. Im running tomcat 4.0.4 (w/ security > manager) with > mod_jk > on solaris with about 300+ users, all of whom can deploy > jsp/servlets from > their public_html directory. > > A user requirement is that they must is to be able to > read/write files in > their > home directory. This is what im a little confused about. I > understand I can > put > an entry like: > > permission java.io.FilePermission "/home/-", > "read,write,delete,execute";" > > in catalina.policy, but how does this enable tomcat to write > to other user's > home directories (when tomcat is running as a user with > minimal privledges)? > Or > must I change permissions on the file to allow the user that > is running > tomcat > to write to it (is this the normal practice?). > > Also, this is probably more a java question, but do standard unix > permissions > always take precedence over what is set in catalina.policy? (In my > understanding > the unix permissions take precedence, but I just wanted to > make sure(please > excuse my java ignorance)) > > Any help appreciated, > > Cheers, > > > _________________________________________________________________ > Join the world's largest e-mail service with MSN Hotmail. > http://www.hotmail.com > > > -- > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
