https://bz.apache.org/bugzilla/show_bug.cgi?id=62830
--- Comment #15 from Igal Sapir <isa...@apache.org> --- (In reply to Konstantin Kolinko from comment #14) > I think that this listener must be mentioned on "security-howto.xml". > > http://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#Listeners > > It can be configured in any container (e.g. in context.xml) and it will load > an arbitrary DLL, and I think that this will be done with only Tomcat code > in the call stack. That means that it will run with Tomcat's > "java.security.AllPermission" permissions. Added the following statement in r1844615: The JNI Library Loading Listener may be used to load native code. It should only be used to load trusted libraries. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
