tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jfarc...@apache.org
Subject cvs commit: jakarta-tomcat-catalina/catalina/src/conf catalina.policy
Date Fri, 01 Aug 2003 00:32:40 GMT
jfarcand    2003/07/31 17:32:40

  Modified:    catalina/src/conf catalina.policy
  Log:
  Fix for bug 22032: missing security-policy in default-configuration.
  
  Precompiled JSPs running under the security manager always have to access org.apache.jasper.runtime.*
classes. With the package protection mechanism turned on, those precompiled JSPs are being
rejected by the security manager. The solution is to grant access to org.apache.jasper.runtime.*
(unfortunatly there is no othe rway).
  
  Submitted by: Matthias Mezger ( mezger at gmx.de )
  
  Revision  Changes    Path
  1.9       +27 -22    jakarta-tomcat-catalina/catalina/src/conf/catalina.policy
  
  Index: catalina.policy
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/conf/catalina.policy,v
  retrieving revision 1.8
  retrieving revision 1.9
  diff -u -r1.8 -r1.9
  --- catalina.policy	13 Dec 2002 21:57:26 -0000	1.8
  +++ catalina.policy	1 Aug 2003 00:32:40 -0000	1.9
  @@ -70,25 +70,25 @@
   // In addition, a web application will be given a read FilePermission
   // and JndiPermission for all files and directories in its document root.
   grant { 
  -        // Required for JNDI lookup of named JDBC DataSource's and
  -        // javamail named MimePart DataSource used to send mail
  -        permission java.util.PropertyPermission "java.home", "read";
  -        permission java.util.PropertyPermission "java.naming.*", "read";
  -        permission java.util.PropertyPermission "javax.sql.*", "read";
  -
  -        // OS Specific properties to allow read access
  -	permission java.util.PropertyPermission "os.name", "read";
  -	permission java.util.PropertyPermission "os.version", "read";
  -	permission java.util.PropertyPermission "os.arch", "read";
  -	permission java.util.PropertyPermission "file.separator", "read";
  -	permission java.util.PropertyPermission "path.separator", "read";
  -	permission java.util.PropertyPermission "line.separator", "read";
  -
  -        // JVM properties to allow read access
  -        permission java.util.PropertyPermission "java.version", "read";
  -        permission java.util.PropertyPermission "java.vendor", "read";
  -        permission java.util.PropertyPermission "java.vendor.url", "read";
  -        permission java.util.PropertyPermission "java.class.version", "read";
  +    // Required for JNDI lookup of named JDBC DataSource's and
  +    // javamail named MimePart DataSource used to send mail
  +    permission java.util.PropertyPermission "java.home", "read";
  +    permission java.util.PropertyPermission "java.naming.*", "read";
  +    permission java.util.PropertyPermission "javax.sql.*", "read";
  +
  +    // OS Specific properties to allow read access
  +    permission java.util.PropertyPermission "os.name", "read";
  +    permission java.util.PropertyPermission "os.version", "read";
  +    permission java.util.PropertyPermission "os.arch", "read";
  +    permission java.util.PropertyPermission "file.separator", "read";
  +    permission java.util.PropertyPermission "path.separator", "read";
  +    permission java.util.PropertyPermission "line.separator", "read";
  +
  +    // JVM properties to allow read access
  +    permission java.util.PropertyPermission "java.version", "read";
  +    permission java.util.PropertyPermission "java.vendor", "read";
  +    permission java.util.PropertyPermission "java.vendor.url", "read";
  +    permission java.util.PropertyPermission "java.class.version", "read";
   	permission java.util.PropertyPermission "java.specification.version", "read";
   	permission java.util.PropertyPermission "java.specification.vendor", "read";
   	permission java.util.PropertyPermission "java.specification.name", "read";
  @@ -100,11 +100,16 @@
   	permission java.util.PropertyPermission "java.vm.vendor", "read";
   	permission java.util.PropertyPermission "java.vm.name", "read";
   
  -        // Required for OpenJMX
  -        permission java.lang.RuntimePermission "getAttribute";
  +    // Required for OpenJMX
  +    permission java.lang.RuntimePermission "getAttribute";
   
   	// Allow read of JAXP compliant XML parser debug
   	permission java.util.PropertyPermission "jaxp.debug", "read";
  +
  +    // Precompiled JSPs need access to this package.
  +    permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.runtime";
  +    permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.runtime.*";
  +    
   };
   
   
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message