You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by la...@apache.org on 2002/01/31 04:49:55 UTC

cvs commit: jakarta-tomcat/src/share/org/apache/tomcat/modules/config PolicyInterceptor.java

larryi      02/01/30 19:49:55

  Modified:    src/share/org/apache/tomcat/modules/config
                        PolicyInterceptor.java
  Log:
  Fix for Bug 4923.
  
  FilePermission("<some dir>/-","read") appears to give access to the
  directory's contents and subdirectories, but doesn't grant direct access
  to the directory.  For example, exists() on the directory isn't granted.  Adding
  additionall FilePermissions to allow exists() on the web app's base and work
  directories.
  
  Revision  Changes    Path
  1.13      +11 -0     jakarta-tomcat/src/share/org/apache/tomcat/modules/config/PolicyInterceptor.java
  
  Index: PolicyInterceptor.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/modules/config/PolicyInterceptor.java,v
  retrieving revision 1.12
  retrieving revision 1.13
  diff -u -r1.12 -r1.13
  --- PolicyInterceptor.java	22 Aug 2001 03:02:46 -0000	1.12
  +++ PolicyInterceptor.java	31 Jan 2002 03:49:55 -0000	1.13
  @@ -174,12 +174,23 @@
   	// Add default write "-" FilePermission for docBase 
   	fp = new FilePermission(base + File.separator + "-", "write");
   	p.add(fp);
  +
  +        // Add read permission for the directory itself, needed to use
  +        // exists() on the directory
  +        fp = new FilePermission(base,"read");
  +        p.add(fp);
  +
   	fp = new FilePermission(context.getWorkDir() + File.separator + "-",
   				"read");
   	p.add(fp);
   	fp = new FilePermission(context.getWorkDir() + File.separator + "-",
   				"write");
   	p.add(fp);
  +
  +        // Add read permission for the work directory itself, needed to use
  +        // exists() on the directory
  +        fp = new FilePermission(context.getWorkDir().toString(),"read");
  +        p.add(fp);
   
   	// Read on the common and apps dir
   	fp = new FilePermission(cm.getInstallDir() + File.separator +
  
  
  

--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>