tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrea Powles <akp...@student.monash.edu>
Subject RE: security permissions
Date Mon, 19 Apr 2004 00:20:32 GMT
Hi,

Im wanting to run the program on the server.

When I startup Tomcat with the -security option Tomcat doesn't start up? This is the case
even when I take out my modifications to the policy file. When I don't use the -security option
Tomcat runs fine but I am unable to execute another program from my webapp. Anyone have an
idea as wo why not?

Thanks in advance
Andrea Powles


Mark Thomas <markt@apache.org> wrote:
> Where are you trying to run the external program? On the tomcat server or
> on the
> client talking to the server?
> 
> If on the server try:
> - testing it without the security manager
> 
> If on the client:
> - The browser security model will not allow this at all unless the
> applet/JavaScript is signed.
> - If you use vbscript on IE, the browser will let unsigned code do it but
> requires the user to acknowledge the risk before running the app.
> 
> Mark 
> 
> > -----Original Message-----
> > From: Andrea Powles [mailto:akpow1@student.monash.edu] 
> > Sent: Saturday, April 17, 2004 7:43 AM
> > To: Tomcat Users List
> > Subject: Re: security permissions
> > 
> > Thanks, I tried this but it doesn't seem to work, don't know 
> > what I'm doing wrong?
> > 
> > 
> > 
> > Andrea Powles
> > 
> > 
> > 
> > Jeanfrancois Arcand <jfarcand@apache.org> wrote:
> > 
> > > 
> > 
> > > 
> > 
> > > Andrea Powles wrote:
> > 
> > > 
> > 
> > > >Hi Tomcatusers,
> > 
> > > >
> > 
> > > >I wish for one of my web apps in Tomcat to execute another 
> > program on my computer using the exec method. I know that I 
> > can't currently do this due to the security restrictions.
> > 
> > > >
> > 
> > > >I have tried changing the Catalina policy file but I'm 
> > unsure of exactly what to do so it didn't work. Can someone 
> > please advise me of exactly what I need to add or modify in 
> > order for my web app to have all permissions.
> > 
> > > >
> > 
> > > >I am aware of the security risks but at this stage it is 
> > more important that I get my application to work. My web app 
> > runs as a servlet and is in a web app directory calledruddis.
> > 
> > > > 
> > 
> > > >
> > 
> > > try the following in catalina.policy:
> > 
> > > 
> > 
> > > > // These permissions apply only to yourapplication
> > 
> > > > grant codeBase "file:${catalina.home}/webapps/<<your webapp>>/-"{
> > 
> > > > permissionjava.security.AllPermission;
> > 
> > > >};
> > 
> > > 
> > 
> > > 
> > 
> > > -- Jeanfrancois
> > 
> > > 
> > 
> > > >Thanks in advance
> > 
> > > >AndreaPowles
> > 
> > > >
> > 
> > > >
> > 
> > > 
> > >---------------------------------------------------------------------
> > 
> > > >To unsubscribe, e-mail:tomcat-user-unsubscribe@jakarta.apache.org
> > 
> > > >For additional commands, e-mail:tomcat-user-help@jakarta.apache.org
> > 
> > > >
> > 
> > > >
> > 
> > > > 
> > 
> > > >
> > 
> > > 
> > 
> > > 
> > 
> > > 
> > ---------------------------------------------------------------------
> > 
> > > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > 
> > > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> > 
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> > 
> > 
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message