You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Mark Petrovic <ms...@gmail.com> on 2006/05/07 18:02:14 UTC
Living a Tomcat life with the catalina.policy file: policy file analysis tools
Good day.
This is a newbie question.
Having spent a bit of time manually editing via trial and error my
catalina.policy file just right so my webapp would run leaves me wondering
whether there is a tool that can be responsibly used to show you what the
policy file should look like if the app is to get its job done.
I spent a lot of time examining the various security violations in
catalina.out, and concluded that while it may not be trivial, it is
conceivable that a tool could automate the production of a farily
fine-grained policy file to show you what the app ideally needs to run. And
you could edit from there as needed.
Are there such tools?
Thank you.
--
Mark
AE6RT
Re: Living a Tomcat life with the catalina.policy file: policy file analysis tools
Posted by Mark Petrovic <ms...@gmail.com>.
I got to thinking about this tool problem. Here is a a bit of basic work on
a tool to generate a catalina.policy file. Time will tell if it's useful.
Someone may have already solved this problem, but it's all fun.
http://www.petrovic.org/blog/?p=134
On 5/7/06, Mark Petrovic <ms...@gmail.com> wrote:
>
> Good day.
>
> This is a newbie question.
>
> Having spent a bit of time manually editing via trial and error my
> catalina.policy file just right so my webapp would run leaves me wondering
> whether there is a tool that can be responsibly used to show you what the
> policy file should look like if the app is to get its job done.
>
> I spent a lot of time examining the various security violations in
> catalina.out, and concluded that while it may not be trivial, it is
> conceivable that a tool could automate the production of a farily
> fine-grained policy file to show you what the app ideally needs to run. And
> you could edit from there as needed.
>
> Are there such tools?
>
> Thank you.
>
> --
> Mark
> AE6RT
>
--
Mark
AE6RT