You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by kk...@apache.org on 2010/06/09 15:16:33 UTC
svn commit: r952994 - in /tomcat/tc6.0.x/trunk: STATUS.txt
conf/catalina.policy webapps/docs/changelog.xml
Author: kkolinko
Date: Wed Jun 9 13:16:32 2010
New Revision: 952994
URL: http://svn.apache.org/viewvc?rev=952994&view=rev
Log:
Rearrange tomcat-juli.jar permissions and wrap long lines in the conf/catalina.policy file, to make the text more readable when cited in documentation.
Modified:
tomcat/tc6.0.x/trunk/STATUS.txt
tomcat/tc6.0.x/trunk/conf/catalina.policy
tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=952994&r1=952993&r2=952994&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Wed Jun 9 13:16:32 2010
@@ -148,15 +148,6 @@ PATCHES PROPOSED TO BACKPORT:
+1: kkolinko, kfujino. jfclere
-1:
-* Rearrange tomcat-juli permissions in catalina.policy for better readability,
- and wrap long lines, as already done in trunk and in security-manager-howto.
- The reason is that we have a copy of this file in security-manager-howto.html,
- and long lines break layout of the document.
- I am not very confident that this patch needs applying, but here it is.
- http://people.apache.org/~kkolinko/patches/2010-06-08_tc6_policy-juli.patch
- +1: kkolinko, rjung, jfclere
- -1:
-
* Do not evaluate "execute.installer" in dist.xml, as it is never used:
"skip.installer" is used instead. Backport of r952478.
It is just a cleanup and removal of obsolete comment. Not important.
Modified: tomcat/tc6.0.x/trunk/conf/catalina.policy
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/conf/catalina.policy?rev=952994&r1=952993&r2=952994&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/conf/catalina.policy (original)
+++ tomcat/tc6.0.x/trunk/conf/catalina.policy Wed Jun 9 13:16:32 2010
@@ -66,23 +66,33 @@ grant codeBase "file:${catalina.home}/bi
// update this section accordingly.
// grant codeBase "file:${catalina.base}/bin/tomcat-juli.jar" {..}
grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
- permission java.util.PropertyPermission "java.util.logging.config.class", "read";
- permission java.util.PropertyPermission "java.util.logging.config.file", "read";
- permission java.io.FilePermission "${java.home}${file.separator}lib${file.separator}logging.properties", "read";
+ permission java.io.FilePermission
+ "${java.home}${file.separator}lib${file.separator}logging.properties", "read";
+
+ permission java.io.FilePermission
+ "${catalina.base}${file.separator}conf${file.separator}logging.properties", "read";
+ permission java.io.FilePermission
+ "${catalina.base}${file.separator}logs", "read, write";
+ permission java.io.FilePermission
+ "${catalina.base}${file.separator}logs${file.separator}*", "read, write";
+
permission java.lang.RuntimePermission "shutdownHooks";
- permission java.io.FilePermission "${catalina.base}${file.separator}conf${file.separator}logging.properties", "read";
- permission java.util.PropertyPermission "catalina.base", "read";
- permission java.util.logging.LoggingPermission "control";
- permission java.io.FilePermission "${catalina.base}${file.separator}logs", "read, write";
- permission java.io.FilePermission "${catalina.base}${file.separator}logs${file.separator}*", "read, write";
permission java.lang.RuntimePermission "getClassLoader";
permission java.lang.RuntimePermission "setContextClassLoader";
+ permission java.util.logging.LoggingPermission "control";
+
+ permission java.util.PropertyPermission "java.util.logging.config.class", "read";
+ permission java.util.PropertyPermission "java.util.logging.config.file", "read";
+ permission java.util.PropertyPermission "catalina.base", "read";
+
// Note: To enable per context logging configuration, permit read access to
// the appropriate file. Be sure that the logging configuration is
// secure before enabling such access.
// E.g. for the examples web application:
- // permission java.io.FilePermission "${catalina.base}${file.separator}webapps${file.separator}examples${file.separator}WEB-INF${file.separator}classes${file.separator}logging.properties", "read";
+ // permission java.io.FilePermission "${catalina.base}${file.separator}
+ // webapps${file.separator}examples${file.separator}WEB-INF
+ // ${file.separator}classes${file.separator}logging.properties", "read";
};
// These permissions apply to the server startup code
@@ -154,7 +164,8 @@ grant {
permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.runtime.*";
// Precompiled JSPs need access to these system properties.
- permission java.util.PropertyPermission "org.apache.jasper.runtime.BodyContentImpl.LIMIT_BUFFER", "read";
+ permission java.util.PropertyPermission
+ "org.apache.jasper.runtime.BodyContentImpl.LIMIT_BUFFER", "read";
permission java.util.PropertyPermission "org.apache.el.parser.COERCE_TO_ZERO", "read";
};
Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=952994&r1=952993&r2=952994&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Wed Jun 9 13:16:32 2010
@@ -290,6 +290,11 @@
<fix>
Remove unused code from org.apache.tomcat.util.buf classes. (kkolinko)
</fix>
+ <update>
+ Rearrange tomcat-juli.jar permissions and wrap long lines in the
+ <code>conf/catalina.policy</code> file, to make the text more readable
+ when cited in documentation. (kkolinko)
+ </update>
</changelog>
</subsection>
</section>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org