avalon-apps-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Peter M. Goldstein" <peter_m_goldst...@yahoo.com>
Subject A question about Phoenix security policies...
Date Sun, 25 Aug 2002 17:27:02 GMT


This is a quick question about Java permissions in the current revision
of Phoenix.  We over at the James project have run into an issue with
certain configurations of James (specifically use of a database) that
seem to cause us to run afoul of the Java permissions.  This comes up on
our user list about once or twice a month, and the standard answer
that's been given is "set PHOENIX_SECURE to false".

IMHO, this isn't the best approach.  I'd like to get the policy elements
in the environment.xml to be correct.  Right now we have:

    <grant code-base="file:${app.home}${/}blocks${/}*">
      <permission class="java.security.AllPermission" />

    <grant code-base="file:${app.home}${/}lib${/}*">
      <permission class="java.security.AllPermission" />

This clearly isn't right, as neither the blocks or lib subdirectories of
${app.home} exist.  I suspect this is a holdover from an older version
of Phoenix.  With the latest Phoenix, what is the correct version of
this element for the most broadly granted permission?  Is it:

    <grant code-base="sar:lib${/}*">
      <permission class="java.security.AllPermission" />

If not, what is the correct form?  Any help (or pointers to appropriate
documentation) would be appreciated.  Thanks.


To unsubscribe, e-mail:   <mailto:avalon-apps-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:avalon-apps-dev-help@jakarta.apache.org>

View raw message