Hi, I searched in the Packages tomcat7 and tomcat7-common from Trusty and Xenial and can't find anything that is creating or using the Directory /var/lib/tomcat7/policy ($CATALINA_BASE/policy).
My suggestion is that Marc like to move the generated Policy Files out of $CATALINA_BASE/work/ which is a symlink to /var/cache/tomcat7. /var/cache/tomcat7 is writable by the tomcat User. But the patch is incomplete.catalina.sh still hands $CATALINA_BASE/work/catalina.policy to Java. This bug blocks installing a Security-Update. In my opinion this is a Security Issue too and needs to be fixed asap. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1659589 Title: tomcat7 7.0.52-1ubuntu0.8 crashes on startup with TOMCAT7_SECURITY=yes To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/tomcat7/+bug/1659589/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
