You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by Olivier Oeuillot <ol...@fingo.net> on 2001/08/10 14:30:01 UTC

[PROPOSAL] JasperLoader correction

Use the System.getSecurityManager(), not the SecurityManager specified
by the field of the class JasperLoader.

(Question:  What is the interest of field (securityManager) into
JasperLoader.class  ? )

Regards,

Olivier.




Index: JasperLoader.java
===================================================================
RCS file:
/home/cvspublic/jakarta-tomcat-4.0/jasper/src/share/org/apache/jasper/servlet/JasperLoader.java,v
retrieving revision 1.5
diff -u -r1.5 JasperLoader.java
--- JasperLoader.java	2001/06/22 20:13:19	1.5
+++ JasperLoader.java	2001/08/10 12:12:53
@@ -177,7 +177,7 @@
         if (System.getSecurityManager() != null) {     
             if (dot >= 0) {                
                 try {                    
-                   
securityManager.checkPackageAccess(name.substring(0,dot));
+                   
System.getSecurityManager().checkPackageAccess(name.substring(0,dot));
                 } catch (SecurityException se) {
                     String error = "Security Violation, attempt to use
" +
                         "Restricted Class: " + name;