Return-Path: Delivered-To: apmail-tomcat-dev-archive@www.apache.org Received: (qmail 45267 invoked from network); 20 Jan 2006 18:47:30 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 20 Jan 2006 18:47:30 -0000 Received: (qmail 7617 invoked by uid 500); 20 Jan 2006 18:47:24 -0000 Delivered-To: apmail-tomcat-dev-archive@tomcat.apache.org Received: (qmail 7593 invoked by uid 500); 20 Jan 2006 18:47:24 -0000 Mailing-List: contact dev-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Developers List" Delivered-To: mailing list dev@tomcat.apache.org Received: (qmail 7582 invoked by uid 99); 20 Jan 2006 18:47:24 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 20 Jan 2006 10:47:23 -0800 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received-SPF: pass (asf.osuosl.org: local policy) Received: from [216.17.130.186] (HELO mail.mhsoftware.com) (216.17.130.186) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 20 Jan 2006 10:47:22 -0800 Received: from localhost (localhost [127.0.0.1]) by mail.mhsoftware.com (Postfix) with ESMTP id E97B9662B8 for ; Fri, 20 Jan 2006 11:47:01 -0700 (MST) Received: from mail.mhsoftware.com ([127.0.0.1]) by localhost (hagrid [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 21427-10 for ; Fri, 20 Jan 2006 11:47:01 -0700 (MST) Received: from emp00 (c-24-8-34-101.hsd1.co.comcast.net [24.8.34.101]) (using TLSv1 with cipher RC4-MD5 (128/128 bits)) (No client certificate requested) by mail.mhsoftware.com (Postfix) with ESMTP id 6007B661CA for ; Fri, 20 Jan 2006 11:47:01 -0700 (MST) From: "George Sexton" To: "'Tomcat Developers List'" Subject: RE: Security Manager Date: Fri, 20 Jan 2006 11:47:00 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook, Build 11.0.6353 Thread-Index: AcYd7UgDZMFeudeqQKmSpnVbfYmEhAAAsVxg In-Reply-To: <20060120181358.778EF64ABF@mail.mhsoftware.com> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 Message-Id: <20060120184701.6007B661CA@mail.mhsoftware.com> X-Virus-Scanned: amavisd-new at mhsoftware.com X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N Yet more. It seems by specification (SRV.3.7.1) grant { permission java.io.FilePermission "${catalina.base}/temp/-", "read, write","delete"; permission java.util.PropertyPermission "javax.servlet.context.tempdir", "read"; }; Really should be set so. George Sexton MH Software, Inc. http://www.mhsoftware.com/ Voice: 303 438 9585 > -----Original Message----- > From: George Sexton [mailto:gsexton@mhsoftware.com] > Sent: Friday, January 20, 2006 11:14 AM > To: 'Tomcat Developers List' > Subject: Security Manager > > I tried running 5.5.14 with -security specified and got this error: > > Using Security Manager > Listening for transport dt_socket at address: 7100 > Could not load Logmanager "org.apache.juli.ClassLoaderLogManager" > java.security.AccessControlException: access denied > (java.lang.RuntimePermission > shutdownHooks) > at > java.security.AccessControlContext.checkPermission(AccessControlConte > xt.java:264) > at > java.security.AccessController.checkPermission(AccessController.java: > 427) > at > java.lang.SecurityManager.checkPermission(SecurityManager.java:532) > > > My solution was to add: > > grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" { > permission java.security.AllPermission; > }; > > To the catalina.policy file. Is this correct? > > George Sexton > MH Software, Inc. > http://www.mhsoftware.com/ > Voice: 303 438 9585 > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org > For additional commands, e-mail: dev-help@tomcat.apache.org > > --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org For additional commands, e-mail: dev-help@tomcat.apache.org