If Resin/Your application is starting without problems and you have nothing granted in your policy file, then it is sure the policy is not being applied :).
We have one of our nodes configured in a similar manner and you have, at the very minimum, to grant permissions to the Caucho classes to allow Resin to open ports, write to temporary directories etc. so if Resin is starting without that, no policy is being applied. I'm out of the office and I have no way to get to that policy file now from my holidays place, but first of all you will need to get the policy file to be applied. We were using a previous version of Resin where the policy file could be specified as a startup parameter for http.sh, but AFAIK it is no longer possible with recent versions of Resin so you'll have to find out how to do it with the latest versions. S! D. S'està citant "Mktg. Incorporate Fast" <[EMAIL PROTECTED]>: > Hello, > > > > I am trying to implement resin as an ISP for many hosts in a shared > environment. We are setting up resin to run with a separate JVM per host > and we hope to use the security manager to restrict server rights per user. > > > > 1.) We want to prohibit users from reading system files. > > 2.) We want to prohibit malicious attacks via java, i.e. system.exit(); > > > > I have included <security-manager/> with the resin.conf file and we are > using <jvm-arg>-Djava.security.policy=file:/mypolicy/resin.policy</jvm-arg>. > When the system restarts, it does not appear that it is using the policy > file that we specified. After restart a JSP page is still able to read all > files on server and execute system.exit. Can anybody please help me to > identify what I am missing. > > > > Lastly the resin.policy file does not have anything granted. > > > > Thanks, > > > > Joey ---------------------------------------------------------------- _______________________________________________ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest
