tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Joe Shevland" <>
Subject RE: Running Tomcat for an ISP
Date Thu, 05 Oct 2000 01:21:37 GMT

Whilst I haven't done this yet I've been thinking about :) There may be some gotchas...

> -----Original Message-----
> From: Taglang, Guillaume []
> Sent: Thursday, October 05, 2000 11:35 AM
> To: ''
> Subject: Running Tomcat for an ISP
> Hi,
> 2 questions about using Tomcat for an ISP:
>   - can I prevent users to make a System.exit()

Installing a SecurityManager or specifying a security file with this ability turned off should
work. Are there any issues with installing a SecurityManager for each Tomcat JVM instance
running? This would be a whole-of-JVM thing, not per webapp.

>   - can I prevent crashing when the user use a buggy native library (core
> dump)?

No, as the core dump (BLOD, whatever) is an OS thing and out of the JVM's hands at that stage.
But you *can* prevent or allow access to only particular native libraries using the SecurityManager
(OTOH, again, haven't tried, but recall reading it).


> Regards,
> Guillaume

View raw message