You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2008/08/29 02:12:27 UTC
DO NOT REPLY [Bug 45709] New: Incorrect configuration in default
catalina.policy
https://issues.apache.org/bugzilla/show_bug.cgi?id=45709
Summary: Incorrect configuration in default catalina.policy
Product: Tomcat 5
Version: 5.5.26
Platform: PC
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: Catalina
AssignedTo: tomcat-dev@jakarta.apache.org
ReportedBy: wtranmer@gmail.com
Problem:
The zipfile distribution of Apache-Tomcat-5.5.26 contains an improper
conf/catalina.policy file with regards to logging permissions when running with
-security option. It may exist in the other distribution packages. I have not
checked them.
To reproduce:
Download apache-tomcat-5.5.26.zip distribution
Expand the zip file to a folder
Run the command {catalina.hom}/bin/catalina run -security
Cause:
There are two corrections that need to be made actually.
1. The commons-logging-api jar that is packaged with apache-tomcat-5.5.26 is
named "commons-logging-api-1.1.1.jar". The catalina.policy file grants
permissions to "commons-logging-api.jar".
2. After correcting the first cause, you will need three permissions set for
${catalina.home}/bin/tomcat-juli.jar. These are due to the bundled example
webapps. Please add the following lines to the default permissions list for
juli --
permission java.io.FilePermission
"${catalina.base}${file.seaparator}webapps${file.separator}examples${file.separator}WEB-INF${file.separator}classes${file.separator}logging.properties",
"read";
permission java.io.FilePermission
"${catalina.base}${file.seaparator}webapps${file.separator}servlets-examples${file.separator}WEB-INF${file.separator}classes${file.separator}logging.properties",
"read";
permission java.io.FilePermission
"${catalina.base}${file.seaparator}webapps${file.separator}jsp-examples${file.separator}WEB-INF${file.separator}classes${file.separator}logging.properties",
"read";
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
DO NOT REPLY [Bug 45709] Incorrect configuration in default
catalina.policy
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=45709
--- Comment #2 from William Tranmer <wt...@gmail.com> 2008-08-29 07:59:46 PST ---
Thanks
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
DO NOT REPLY [Bug 45709] Incorrect configuration in default
catalina.policy
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=45709
Mark Thomas <ma...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |DUPLICATE
--- Comment #1 from Mark Thomas <ma...@apache.org> 2008-08-29 04:01:19 PST ---
The first issue has already been fixed. The second isn't going to be fixed.
Work is in hand to handle the errors more gracefully.
In a security conscious environment, the examples should not be installed so I
don't see the need to add explicit permissions for this web app.
*** This bug has been marked as a duplicate of bug 45293 ***
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org