tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "George Sexton" <gsex...@mhsoftware.com>
Subject RE: Security Manager
Date Fri, 20 Jan 2006 18:47:00 GMT
Yet more. It seems by specification (SRV.3.7.1)

grant {
  permission java.io.FilePermission "${catalina.base}/temp/-", "read,
write","delete";
  permission java.util.PropertyPermission "javax.servlet.context.tempdir",
"read";	
};

Really should be set so.

George Sexton
MH Software, Inc.
http://www.mhsoftware.com/
Voice: 303 438 9585
  

> -----Original Message-----
> From: George Sexton [mailto:gsexton@mhsoftware.com] 
> Sent: Friday, January 20, 2006 11:14 AM
> To: 'Tomcat Developers List'
> Subject: Security Manager
> 
> I tried running 5.5.14 with -security specified and got this error:
> 
> Using Security Manager
> Listening for transport dt_socket at address: 7100
> Could not load Logmanager "org.apache.juli.ClassLoaderLogManager"
> java.security.AccessControlException: access denied
> (java.lang.RuntimePermission
>  shutdownHooks)
>         at
> java.security.AccessControlContext.checkPermission(AccessControlConte
> xt.java:264)
>         at
> java.security.AccessController.checkPermission(AccessController.java:
> 427)
>         at
> java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
> 
> 
> My solution was to add:
> 
> grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
>         permission java.security.AllPermission;
> };
> 
> To the catalina.policy file. Is this correct?
> 
> George Sexton
> MH Software, Inc.
> http://www.mhsoftware.com/
> Voice: 303 438 9585
>  
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: dev-help@tomcat.apache.org
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message