tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 13907] - security manager does not give read permission on a context by default
Date Thu, 24 Oct 2002 10:03:47 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13907>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=13907

security manager does not give read permission on a context by default

glenn@apache.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|REOPENED                    |RESOLVED
         Resolution|                            |WORKSFORME



------- Additional Comments From glenn@apache.org  2002-10-24 10:03 -------
I just tested the jsp you posted with a fresh build of Tomcat 4.1 from
the CVS head (What will be Tomcat 4.1.13) and Jasper 2.  The FilePermission
read for the context directory is being granted automatically and the JSP works.

This must be a problem in your local system configuration.
Check the unix file ownerhsip and permissions for test2.new.
Also try running Tomcat with java property -Djava.security.debug=access,failure
defined and then check the security manager debug output.

One final note, I would not grant the permission
java.io.FilePermission "<<ALL FILES>>, "read";
to a web application, I would consider that a security risk.

--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message