IL PROTECTED]
> Subject: Re: Preventing System.exit(0)
>
>
> On Monday 30 July 2001 04:33 pm, you wrote:
> > At 06:24 AM 7/30/2001, you wrote:
> > >Is it possible to configure Tomcat to avoid shutdown
> > >in case the jsp page contains the code:
> > >
On Monday 30 July 2001 04:33 pm, you wrote:
> At 06:24 AM 7/30/2001, you wrote:
> >Is it possible to configure Tomcat to avoid shutdown
> >in case the jsp page contains the code:
> >
> ><% System.exit(0); %>
>
> Java SERVER pages are server-side code. Why is having
> a system object issue an exit
Henrik Skafsgaard Larsen at [EMAIL PROTECTED] wrote:
> Is it possible to configure Tomcat to avoid shutdown
> in case the jsp page contains the code:
>
> <% System.exit(0); %>
Yep... Run it in a sandboxed environment with a Security Manager...
Pier
At 08:54 AM 7/30/2001, you wrote:
>Imagine if someone who is authorized to publish JSP's on your site
>invadvertently included the following in their JSP:
Well, I think I asked that question. As far as I'm concerned
allowing users to run jsps on your server is black box code.
Title: Re: Preventing System.exit(0)
RTFM.
Security managers...
http://jakarta.apache.org/tomcat/tomcat-3.2-doc/uguide/tomcat-security.html
Why use a SecurityManager?
The Java SecurityManager is what allows a web browser to run an applet
in its own sandbox to prevent untrusted code
At 06:24 AM 7/30/2001, you wrote:
>Is it possible to configure Tomcat to avoid shutdown
>in case the jsp page contains the code:
>
><% System.exit(0); %>
Java SERVER pages are server-side code. Why is having
a system object issue an exit method an issue for you?
Do you plan on having your server
Is it possible to configure Tomcat to avoid shutdown
in case the jsp page contains the code:
<% System.exit(0); %>
med venlig hilsen / kind regards
Henrik Skafsgaard Larsen