You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by Olivier Oeuillot <ol...@fingo.net> on 2001/08/10 14:30:01 UTC
[PROPOSAL] JasperLoader correction
Use the System.getSecurityManager(), not the SecurityManager specified
by the field of the class JasperLoader.
(Question: What is the interest of field (securityManager) into
JasperLoader.class ? )
Regards,
Olivier.
Index: JasperLoader.java
===================================================================
RCS file:
/home/cvspublic/jakarta-tomcat-4.0/jasper/src/share/org/apache/jasper/servlet/JasperLoader.java,v
retrieving revision 1.5
diff -u -r1.5 JasperLoader.java
--- JasperLoader.java 2001/06/22 20:13:19 1.5
+++ JasperLoader.java 2001/08/10 12:12:53
@@ -177,7 +177,7 @@
if (System.getSecurityManager() != null) {
if (dot >= 0) {
try {
-
securityManager.checkPackageAccess(name.substring(0,dot));
+
System.getSecurityManager().checkPackageAccess(name.substring(0,dot));
} catch (SecurityException se) {
String error = "Security Violation, attempt to use
" +
"Restricted Class: " + name;