cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kevin A. Burton" <>
Subject Re: XSP and file:// <-- Security issues?
Date Sun, 26 Mar 2000 20:18:17 GMT
"Stevenson, Chris (SSABSA)" wrote:
> > I am having trouble getting the XSP logicsheets located with file://
> > file://C:/java/jakarta-tomcat/webapps/ROOT/XSL/JavaXML.xsp.xsl
> > Unknown host: C:
> Forgive me if this is a naive question, but are there any rules
> for which file:/// urls are accessible from within cocoon?
> For example: suppose I am an ISP wanting to run Apache and
> make tomcat available for my clients to run their own webapps.
> They can drop their apps into a public_webapp directory, and
> tomcat automatically loads them.

Right.  This is standard security stuff and not really Cocoon related. 
If you do somethign stupid like running Cocoon as root this will
happen.  Run it as a regular user.  Then tighten down security.


Kevin A Burton (
Message to SUN:  "Please Open Source Java!"
"For evil to win is for good men to do nothing."

View raw message