svn commit: r1725926 - in /tomcat/trunk: java/org/apache/naming/factory/ResourceLinkFactory.java webapps/docs/changelog.xml

Thu, 21 Jan 2016 04:47:33 -0800 

Author: kkolinko
Date: Thu Jan 21 12:47:19 2016
New Revision: 1725926

URL: http://svn.apache.org/viewvc?rev=1725926&view=rev
Log:
Protect initialization of ResourceLinkFactory when running with a 
SecurityManager.

Modified:
    tomcat/trunk/java/org/apache/naming/factory/ResourceLinkFactory.java
    tomcat/trunk/webapps/docs/changelog.xml

Modified: tomcat/trunk/java/org/apache/naming/factory/ResourceLinkFactory.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/naming/factory/ResourceLinkFactory.java?rev=1725926&r1=1725925&r2=1725926&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/naming/factory/ResourceLinkFactory.java 
(original)
+++ tomcat/trunk/java/org/apache/naming/factory/ResourceLinkFactory.java Thu 
Jan 21 12:47:19 2016
@@ -60,6 +60,11 @@ public class ResourceLinkFactory
      * @param newGlobalContext new global context value
      */
     public static void setGlobalContext(Context newGlobalContext) {
+        SecurityManager sm = System.getSecurityManager();
+        if (sm != null) {
+            sm.checkPermission(new RuntimePermission(
+                   ResourceLinkFactory.class.getName() + ".setGlobalContext"));
+        }
         globalContext = newGlobalContext;
     }
 

Modified: tomcat/trunk/webapps/docs/changelog.xml
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1725926&r1=1725925&r2=1725926&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/trunk/webapps/docs/changelog.xml Thu Jan 21 12:47:19 2016
@@ -45,6 +45,14 @@
   issues do not "pop up" wrt. others).
 -->
 <section name="Tomcat 9.0.0.M3" rtext="In development">
+  <subsection name="Catalina">
+    <changelog>
+      <fix>
+        Protect initialization of <code>ResourceLinkFactory</code> when
+        running with a SecurityManager. (kkolinko)
+      </fix>
+    </changelog>
+  </subsection>
 </section>
 <section name="Tomcat 9.0.0.M2" rtext="Voting in progress">
   <subsection name="Catalina">



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to