Miguel Torres Fernández wrote:
Good Morning.
At firts say hello, this is my first message to the list.
I'm a system admin and i have a problem with applications thats set
system variables like proxy of the system (system.setProperties). It's a
big problem for us, i have an instance of tomcat with more than ten
applications and the past week two of them modify parameters of the
system like proxy or trustkeystore.
Exist some jdk options to avoid applications to set this parameters?
Hola Miguel.
Simple answer : don't run these applications. The developers of these
applications should know that when they set such a "system" property, it
sets it for the entire JVM, and they should think about the consequences.
As a sysadmin, you can probably forbid these applications from doing
that, by running Tomcat with a security manager. Look at the Tomcat
startup scripts to see if there are default options being loaded
somewhere. If you are under Linux, you may find something in, for
example, /etc/defaults/tomcat.
But the problem is, such a security manager is also valid for the entire
JVM, and thus the entire Tomcat and all its (other) applications.
So you may have to do a lot of individual tuning of the permissions of
each application, just to control these two misbehaving applications.
Also, by setting these permissions, the most likely result is that these
two applications will now crash, since they will get a permission error
when they try to do what they do.
So, back to the simple answer above.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org