tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Joe Shevland" <shevla...@kpi.com.au>
Subject RE: Running Tomcat for an ISP
Date Thu, 05 Oct 2000 01:21:37 GMT
Hi,

Whilst I haven't done this yet I've been thinking about :) There may be some gotchas...

> -----Original Message-----
> From: Taglang, Guillaume [mailto:Guillaume.Taglang@paybox.net]
> Sent: Thursday, October 05, 2000 11:35 AM
> To: 'tomcat-user@jakarta.apache.org'
> Subject: Running Tomcat for an ISP
> 
> 
> 
> Hi,
> 
> 2 questions about using Tomcat for an ISP:
>   - can I prevent users to make a System.exit()

Installing a SecurityManager or specifying a security file with this ability turned off should
work. Are there any issues with installing a SecurityManager for each Tomcat JVM instance
running? This would be a whole-of-JVM thing, not per webapp.

>   - can I prevent crashing when the user use a buggy native library (core
> dump)?

No, as the core dump (BLOD, whatever) is an OS thing and out of the JVM's hands at that stage.
But you *can* prevent or allow access to only particular native libraries using the SecurityManager
(OTOH, again, haven't tried, but recall reading it).

Cheers,
Joe

> 
> Regards,
> 
> Guillaume
> 


Mime
View raw message