cvs commit: jakarta-tomcat-catalina/catalina/src/conf catalina.policy

Thu, 31 Jul 2003 17:30:39 -0700 

jfarcand    2003/07/31 17:32:40

  Modified:    catalina/src/conf catalina.policy
  Log:
  Fix for bug 22032: missing security-policy in default-configuration.
  
  Precompiled JSPs running under the security manager always have to access 
org.apache.jasper.runtime.* classes. With the package protection mechanism turned on, 
those precompiled JSPs are being rejected by the security manager. The solution is to 
grant access to org.apache.jasper.runtime.* (unfortunatly there is no othe rway).
  
  Submitted by: Matthias Mezger ( mezger at gmx.de )
  
  Revision  Changes    Path
  1.9       +27 -22    jakarta-tomcat-catalina/catalina/src/conf/catalina.policy
  
  Index: catalina.policy
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/conf/catalina.policy,v
  retrieving revision 1.8
  retrieving revision 1.9
  diff -u -r1.8 -r1.9
  --- catalina.policy   13 Dec 2002 21:57:26 -0000      1.8
  +++ catalina.policy   1 Aug 2003 00:32:40 -0000       1.9
  @@ -70,25 +70,25 @@
   // In addition, a web application will be given a read FilePermission
   // and JndiPermission for all files and directories in its document root.
   grant { 
  -        // Required for JNDI lookup of named JDBC DataSource's and
  -        // javamail named MimePart DataSource used to send mail
  -        permission java.util.PropertyPermission "java.home", "read";
  -        permission java.util.PropertyPermission "java.naming.*", "read";
  -        permission java.util.PropertyPermission "javax.sql.*", "read";
  -
  -        // OS Specific properties to allow read access
  -     permission java.util.PropertyPermission "os.name", "read";
  -     permission java.util.PropertyPermission "os.version", "read";
  -     permission java.util.PropertyPermission "os.arch", "read";
  -     permission java.util.PropertyPermission "file.separator", "read";
  -     permission java.util.PropertyPermission "path.separator", "read";
  -     permission java.util.PropertyPermission "line.separator", "read";
  -
  -        // JVM properties to allow read access
  -        permission java.util.PropertyPermission "java.version", "read";
  -        permission java.util.PropertyPermission "java.vendor", "read";
  -        permission java.util.PropertyPermission "java.vendor.url", "read";
  -        permission java.util.PropertyPermission "java.class.version", "read";
  +    // Required for JNDI lookup of named JDBC DataSource's and
  +    // javamail named MimePart DataSource used to send mail
  +    permission java.util.PropertyPermission "java.home", "read";
  +    permission java.util.PropertyPermission "java.naming.*", "read";
  +    permission java.util.PropertyPermission "javax.sql.*", "read";
  +
  +    // OS Specific properties to allow read access
  +    permission java.util.PropertyPermission "os.name", "read";
  +    permission java.util.PropertyPermission "os.version", "read";
  +    permission java.util.PropertyPermission "os.arch", "read";
  +    permission java.util.PropertyPermission "file.separator", "read";
  +    permission java.util.PropertyPermission "path.separator", "read";
  +    permission java.util.PropertyPermission "line.separator", "read";
  +
  +    // JVM properties to allow read access
  +    permission java.util.PropertyPermission "java.version", "read";
  +    permission java.util.PropertyPermission "java.vendor", "read";
  +    permission java.util.PropertyPermission "java.vendor.url", "read";
  +    permission java.util.PropertyPermission "java.class.version", "read";
        permission java.util.PropertyPermission "java.specification.version", "read";
        permission java.util.PropertyPermission "java.specification.vendor", "read";
        permission java.util.PropertyPermission "java.specification.name", "read";
  @@ -100,11 +100,16 @@
        permission java.util.PropertyPermission "java.vm.vendor", "read";
        permission java.util.PropertyPermission "java.vm.name", "read";
   
  -        // Required for OpenJMX
  -        permission java.lang.RuntimePermission "getAttribute";
  +    // Required for OpenJMX
  +    permission java.lang.RuntimePermission "getAttribute";
   
        // Allow read of JAXP compliant XML parser debug
        permission java.util.PropertyPermission "jaxp.debug", "read";
  +
  +    // Precompiled JSPs need access to this package.
  +    permission java.lang.RuntimePermission 
"accessClassInPackage.org.apache.jasper.runtime";
  +    permission java.lang.RuntimePermission 
"accessClassInPackage.org.apache.jasper.runtime.*";
  +    
   };
   
   
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to