Public bug reported:
Binary package hint: tomcat5.5
If we want to use the default Ubuntu packaging of Tomcat 5.5 server, we
need to have less restrictive access on webapps folder and the
shared/lib folder.
The Tomcat 5.5 server is launched by the tomcat5 user, so even if these
restrictions are less important, the system will still be protected.
Indeed, it's a real hell today to install an web application which needs
to right its log file /var/log/<appname>, simply because the security
manager is too restrictive. New Tomcat users needs many times before
finding the /etc/tomcat5.5/policy.d folder, and find how to modify it to
have something that the Linux FS rights already provide.
So I hope that the providen patch will be applied on the
/etc/tomcat5.5/policy.d/ folder.
** Affects: tomcat5.5 (Ubuntu)
Importance: Undecided
Status: Unconfirmed
--
Security manager is too restrictive by default.
https://launchpad.net/bugs/74784
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
