You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Vieri Di Paola <vi...@yahoo.com> on 2005/07/19 12:40:15 UTC
FilePermission
Hello,
If I try executing the following JSP code (taken from
www.hipergate.org):
FileInputStream oFileStream = new
FileInputStream(Gadgets.chomp(Environment.getEnvVar("KNOWGATE_PROFILES"),java.io.File.seperator)+"hipergate.cnf");
oProfile.load(oFileStream);
I get this error page:
HTTP Status 500 -
type Exception report
message
description: The server encountered an internal error
() that prevented it from fulfilling this request.
exception
org.apache.jasper.JasperException: access denied
(java.io.FilePermission /usr/bin/env execute)
at
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:207)
at
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:240)
at
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:187)
at
javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:200)
at
org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:51)
at
org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:129)
at java.security.AccessController.doPrivileged(Native
Method)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:125)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:209)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:596)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:433)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:948)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:144)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:596)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:433)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:948)
at
org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2358)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:133)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:596)
at
org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:118)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:594)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:116)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:594)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:433)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:948)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:127)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:596)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:433)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:948)
at
org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:152)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:705)
at
org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683)
at java.lang.Thread.run(Thread.java:534)
root cause
java.security.AccessControlException: access denied
(java.io.FilePermission /usr/bin/env execute)
at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:269)
at
java.security.AccessController.checkPermission(AccessController.java:401)
at
java.lang.SecurityManager.checkPermission(SecurityManager.java:524)
at
java.lang.SecurityManager.checkExec(SecurityManager.java:771)
at java.lang.Runtime.exec(Runtime.java:563)
at java.lang.Runtime.exec(Runtime.java:428)
at java.lang.Runtime.exec(Runtime.java:364)
at java.lang.Runtime.exec(Runtime.java:326)
at com.knowgate.misc.Environment.readEnvVars(Unknown
Source)
at com.knowgate.misc.Environment.getEnvVar(Unknown
Source)
at
org.apache.jsp.setup2_jsp._jspService(setup2_jsp.java:100)
at
org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:92)
at
javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:162)
at
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:240)
at
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:187)
at
javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:200)
at
org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:51)
at
org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:129)
at java.security.AccessController.doPrivileged(Native
Method)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:125)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:209)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:596)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:433)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:948)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:144)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:596)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:433)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:948)
at
org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2358)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:133)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:596)
at
org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:118)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:594)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:116)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:594)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:433)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:948)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:127)
at
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:596)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:433)
at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:948)
at
org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:152)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:705)
at
org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683)
at java.lang.Thread.run(Thread.java:534)
Apache Tomcat/4.1
Debian Sarge 3.1
Blackdown Java J2SDK1.4
Note: /usr/bin/env is "executable" by everyone.
Thanks for any help or hints.
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: FilePermission
Posted by Vieri Di Paola <vi...@yahoo.com>.
Never mind my question. I solved the problem by adding
a security policy in /etc/tomcat.
Sorry for the newbie question...
--- Vieri Di Paola <vi...@yahoo.com> wrote:
> Hello,
> If I try executing the following JSP code (taken
> from
> www.hipergate.org):
>
> FileInputStream oFileStream = new
>
FileInputStream(Gadgets.chomp(Environment.getEnvVar("KNOWGATE_PROFILES"),java.io.File.seperator)+"hipergate.cnf");
> oProfile.load(oFileStream);
>
> I get this error page:
>
> HTTP Status 500 -
>
> type Exception report
>
> message
>
> description: The server encountered an internal
> error
> () that prevented it from fulfilling this request.
>
> exception
>
> org.apache.jasper.JasperException: access denied
> (java.io.FilePermission /usr/bin/env execute)
> at
>
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:207)
> at
>
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:240)
> at
>
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:187)
> at
>
javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
> at
>
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:200)
> at
>
org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:51)
> at
>
org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:129)
> at
> java.security.AccessController.doPrivileged(Native
> Method)
> at
>
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:125)
> at
>
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:209)
> at
>
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:596)
> at
>
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:433)
> at
>
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:948)
> at
>
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:144)
> at
>
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:596)
> at
>
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:433)
> at
>
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:948)
> at
>
org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2358)
> at
>
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:133)
> at
>
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:596)
> at
>
org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:118)
> at
>
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:594)
> at
>
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:116)
> at
>
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:594)
> at
>
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:433)
> at
>
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:948)
> at
>
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:127)
> at
>
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:596)
> at
>
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:433)
> at
>
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:948)
> at
>
org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:152)
> at
>
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799)
> at
>
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:705)
> at
>
org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577)
> at
>
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683)
> at java.lang.Thread.run(Thread.java:534)
>
>
> root cause
>
> java.security.AccessControlException: access denied
> (java.io.FilePermission /usr/bin/env execute)
> at
>
java.security.AccessControlContext.checkPermission(AccessControlContext.java:269)
> at
>
java.security.AccessController.checkPermission(AccessController.java:401)
> at
>
java.lang.SecurityManager.checkPermission(SecurityManager.java:524)
> at
>
java.lang.SecurityManager.checkExec(SecurityManager.java:771)
> at java.lang.Runtime.exec(Runtime.java:563)
> at java.lang.Runtime.exec(Runtime.java:428)
> at java.lang.Runtime.exec(Runtime.java:364)
> at java.lang.Runtime.exec(Runtime.java:326)
> at
> com.knowgate.misc.Environment.readEnvVars(Unknown
> Source)
> at com.knowgate.misc.Environment.getEnvVar(Unknown
> Source)
> at
>
org.apache.jsp.setup2_jsp._jspService(setup2_jsp.java:100)
> at
>
org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:92)
> at
>
javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
> at
>
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:162)
> at
>
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:240)
> at
>
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:187)
> at
>
javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
> at
>
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:200)
> at
>
org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:51)
> at
>
org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:129)
> at
> java.security.AccessController.doPrivileged(Native
> Method)
> at
>
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:125)
> at
>
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:209)
> at
>
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:596)
> at
>
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:433)
> at
>
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:948)
> at
>
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:144)
> at
>
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:596)
> at
>
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:433)
> at
>
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:948)
> at
>
org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2358)
> at
>
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:133)
> at
>
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:596)
> at
>
org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:118)
> at
>
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:594)
> at
>
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:116)
> at
>
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:594)
> at
>
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:433)
> at
>
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:948)
> at
>
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:127)
> at
>
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:596)
> at
>
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:433)
> at
>
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:948)
> at
>
org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:152)
> at
>
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799)
> at
>
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:705)
> at
>
org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577)
> at
>
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683)
> at java.lang.Thread.run(Thread.java:534)
>
> Apache Tomcat/4.1
> Debian Sarge 3.1
>
=== message truncated ===
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org