tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Glenn Nielsen <gl...@voyager.apg.more.net>
Subject WebappClassLoader.java requires java.security.AllPermission!
Date Mon, 19 Nov 2001 15:27:42 GMT
Why does the WebappClassLoader have dozens of the following
SecurityManager.checkPermission calls?

        if (securityManager != null)
            securityManager.checkPermission(allPermission);

This does not allow you to set a policy which is more restrictive than
granting All Permission to catalina.jar!

Why are the checkPermission calls needed?  Why can't you rely on whatever
the policy settings are?

Regards,

Glenn

----------------------------------------------------------------------
Glenn Nielsen             glenn@more.net | /* Spelin donut madder    |
MOREnet System Programming               |  * if iz ina coment.      |
Missouri Research and Education Network  |  */                       |
----------------------------------------------------------------------

--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message