commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 9743] - Security policy configuration, SimpleLog uses System.getProperties()
Date Sun, 20 Oct 2002 12:40:57 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=9743>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=9743

Security policy configuration, SimpleLog uses System.getProperties()





------- Additional Comments From glenn@apache.org  2002-10-20 12:40 -------
I would guess that jakarta project API's get used within a
servlet or other server side container > 90 % of the time.
If it exists it will get used. Those developing applications
which use SimpleLog may not be as security aware as system
administrators who have to deploy the application.
IMHO this rules out option 3.

Option 1 requires removing features from SimpleLog which
may not be best for those already using SimpleLog.

Option 2 seems like the best solution.  It doesn't remove
any features and allows SimpleLog to be used in a J2EE
container which implements a SecurityManager.

--
To unsubscribe, e-mail:   <mailto:commons-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:commons-dev-help@jakarta.apache.org>


Mime
View raw message