tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Glenn Nielsen <>
Subject Re: DO NOT REPLY [Bug 13907] - security manager does not give read permission on a context by default
Date Fri, 25 Oct 2002 03:59:59 GMT
Aditya wrote:
> Glenn,
> On Thu, Oct 24, 2002 at 10:03:47AM -0000, wrote:
>>This must be a problem in your local system configuration.
>>Check the unix file ownerhsip and permissions for
> I've done that and the fact is that it works fine without the security manager
> so it's not a unix file ownership and permissions problem.
>>Also try running Tomcat with java property,failure
>>defined and then check the security manager debug output.
> yup, done that and the output has nothing more than the failure of read
> permissions.
>>I just tested the jsp you posted with a fresh build of Tomcat 4.1 from
>>the CVS head (What will be Tomcat 4.1.13) and Jasper 2.  The FilePermission
>>read for the context directory is being granted automatically and the JSP works.
> I just read the 4.1.13 announcement from Remy and it has the following note:
>  IMPORTANT NOTE: Security manager functionality is broken in this
>  milestone. This will be fixed in the next milestone. This milestone will
>  not be proposed for official release, and should be used for testing
>  purposes only.
> so before I checkout a fresh copy from CVS, need I be worried about this?

Tomcat and Jasper1/Jasper2 have granted web applications and JSP pages read access to
their own context directory since the SecurityManager was first implemented years
ago.  I don't recall there ever being a bug with this or that it has changed.
I was just verifying that the code hadn't been inadvertently broken.

Gettting the latest version from CVS won't fix your problem. I still think the
problem is somewhere in your configuration.

You might try posting the SecurityManager debug output when the FilePermission read
is denied.  Including the stack trace and the ProtectionDomain which failed.



To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message