tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject DO NOT REPLY [Bug 45737] New: AcessControlException when using security manager: juli can't read
Date Thu, 04 Sep 2008 07:34:05 GMT

           Summary: AcessControlException when using security manager: juli
                    can't read
           Product: Tomcat 5
           Version: 5.5.26
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Catalina

When using the security manager with the default security policy
(catalina.policy), Tomcat 5.5.26 and 5.5.27 will throw an
AccessControlException for each loaded context during startup.


Check the contents of the files WEB-INF/lib/ for each of your
contexts. If those look safe, you can add read permission for these files to
the juli package in your security policy. See "per context logging" in
catalina.policy. Note that by CVE-2007-5342 you should make sure, that the
webapp provided do not try to manipulate data outdise of the
context, like overwriting other contexts log files.


A fix has been proposed for backport from trunk. It will log the situation and
no longer throw an exception.

This issue is meant as a reference for users running into the problem. It
should be closed after the backport.

Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message