Return-Path: Delivered-To: apmail-tomcat-dev-archive@www.apache.org Received: (qmail 39293 invoked from network); 2 Apr 2011 23:07:50 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 2 Apr 2011 23:07:50 -0000 Received: (qmail 91554 invoked by uid 500); 2 Apr 2011 23:07:50 -0000 Delivered-To: apmail-tomcat-dev-archive@tomcat.apache.org Received: (qmail 91479 invoked by uid 500); 2 Apr 2011 23:07:50 -0000 Mailing-List: contact dev-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Developers List" Delivered-To: mailing list dev@tomcat.apache.org Received: (qmail 91470 invoked by uid 99); 2 Apr 2011 23:07:50 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 02 Apr 2011 23:07:50 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 02 Apr 2011 23:07:47 +0000 Received: by eris.apache.org (Postfix, from userid 65534) id CFDEE238890A; Sat, 2 Apr 2011 23:07:25 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1088175 - in /tomcat/tc6.0.x/trunk: STATUS.txt conf/catalina.policy Date: Sat, 02 Apr 2011 23:07:25 -0000 To: dev@tomcat.apache.org From: kkolinko@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20110402230725.CFDEE238890A@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: kkolinko Date: Sat Apr 2 23:07:25 2011 New Revision: 1088175 URL: http://svn.apache.org/viewvc?rev=1088175&view=rev Log: Update examples in conf/catalina.policy to use ${catalina.base} instead of ${catalina.home} CTR Modified: tomcat/tc6.0.x/trunk/STATUS.txt tomcat/tc6.0.x/trunk/conf/catalina.policy Modified: tomcat/tc6.0.x/trunk/STATUS.txt URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1088175&r1=1088174&r2=1088175&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/STATUS.txt (original) +++ tomcat/tc6.0.x/trunk/STATUS.txt Sat Apr 2 23:07:25 2011 @@ -139,11 +139,6 @@ PATCHES PROPOSED TO BACKPORT: https://issues.apache.org/bugzilla/attachment.cgi?id=26758 +1: markt, kkolinko -1: - kkolinko: This is not a default configuration, but a well-used one, so I - agree that it is OK to enable those permissions by default. Note, that - 1) I think it would be nice to s/${catalina.home}/${catalina.base}/ - for the /examples webapps at the end of the file, as done by r881432 - Those are comments, so looks like CTR. * Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=50895 Don't initialize classes during compilation Modified: tomcat/tc6.0.x/trunk/conf/catalina.policy URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/conf/catalina.policy?rev=1088175&r1=1088174&r2=1088175&view=diff ============================================================================== --- tomcat/tc6.0.x/trunk/conf/catalina.policy (original) +++ tomcat/tc6.0.x/trunk/conf/catalina.policy Sat Apr 2 23:07:25 2011 @@ -89,7 +89,8 @@ grant codeBase "file:${catalina.home}/bi // Note: To enable per context logging configuration, permit read access to // the appropriate file. Be sure that the logging configuration is // secure before enabling such access. - // E.g. for the examples web application: + // E.g. for the examples web application (uncomment and unwrap + // the following to be on a single line): // permission java.io.FilePermission "${catalina.base}${file.separator} // webapps${file.separator}examples${file.separator}WEB-INF // ${file.separator}classes${file.separator}logging.properties", "read"; @@ -192,21 +193,21 @@ grant codeBase "file:${catalina.base}/we // the NOAA web server. You might create a "grant" entries like this: // // The permissions granted to the context root directory apply to JSP pages. -// grant codeBase "file:${catalina.home}/webapps/examples/-" { +// grant codeBase "file:${catalina.base}/webapps/examples/-" { // permission java.net.SocketPermission "dbhost.mycompany.com:5432", "connect"; // permission java.net.SocketPermission "*.noaa.gov:80", "connect"; // }; // // The permissions granted to the context WEB-INF/classes directory -// grant codeBase "file:${catalina.home}/webapps/examples/WEB-INF/classes/-" { +// grant codeBase "file:${catalina.base}/webapps/examples/WEB-INF/classes/-" { // }; // // The permission granted to your JDBC driver -// grant codeBase "jar:file:${catalina.home}/webapps/examples/WEB-INF/lib/driver.jar!/-" { +// grant codeBase "jar:file:${catalina.base}/webapps/examples/WEB-INF/lib/driver.jar!/-" { // permission java.net.SocketPermission "dbhost.mycompany.com:5432", "connect"; // }; // The permission granted to the scrape taglib -// grant codeBase "jar:file:${catalina.home}/webapps/examples/WEB-INF/lib/scrape.jar!/-" { +// grant codeBase "jar:file:${catalina.base}/webapps/examples/WEB-INF/lib/scrape.jar!/-" { // permission java.net.SocketPermission "*.noaa.gov:80", "connect"; // }; --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org For additional commands, e-mail: dev-help@tomcat.apache.org