On 4 May 2002 [EMAIL PROTECTED] wrote: > Make the "/deploy" command recognize a "META-INF/context.xml" file embedded > inside the WAR, and process it as a context configuration file. This allows > deployment tool clients to customize the configuration of a webapp with > exactly the same degree of freedom as those that use the "/install" command, > with the added benefit of being able to deploy onto a Tomcat instance > running on a different server.
This is a very dangerous path... Having server-config info in the webapp is extremely dangerous, it may (easily) break the sandbox. Unless there's something I'm missing, context.xml will allow loading of valves and other modules that have access to the server internal objects. This is a huge security hole. Well, having the config files in webapps/ is dangerous too - IMHO all potentially dangerous configs should be in conf/, since webapps may be writtable to more groups. But this is far worse. At least add a check to disable this if a security manager is present. Costin -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
