2010/3/25 Christopher Schultz <ch...@christopherschultz.net>:

I will try to be brief in my answers below, so please excuse some
apparent harshness.

> In the Tomcat SecurityManager docs
> (http://tomcat.apache.org/tomcat-6.0-doc/security-manager-howto.html),
> most of the "grants" in the policy file do not have a codeBase.

Why are you looking there? The policy file cited there is
"conf/catalina.policy". I would prefer the live copy over the paper.
(Though the doc should match the file).

> most of the

What you mean by "most"?  Are you counting "AllPermission" as "one"
versus all those in the "by default" grant block as "many"?

> By the way, I /have/ read
> http://java.sun.com/j2se/1.5.0/docs/guide/security/PolicyFiles.html but
> some things are still unclear.

Java 6 docs are below from here:

See also the following document there

> it appears that the SecurityManager is enforcing
> permissions along with the call chain...

It is documented in those specifications by Sun. It looks the call
chain up to the nearest AccessController.doPrivileged().



> Third: doesn't this make performance really suck?

As with any performance question: test it yourself and for your own
application/environment. Only that will give you numbers.

It may be that impact of those "security checks" is small compared to
other bottlenecks in one's application. Though, personally, I do not
like when a computer performs "useless" work.

> such as granting AllPermission to things like bootstrap.jar

That is determined by the task that this protection performs.
In general, the idea is that what is installed by "administrator" is
controlled and thus trusted, but the web applications themselves are
not trusted by default.

Also if the web applications are not trusted, it would make sense to
limit their control over Tomcat settings, by setting deployXML="false"
on a <Host>.

By the way,
Mark's presentations from recent ApacheCons are here:

Best regards,
Konstantin Kolinko

To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to