You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by jf...@apache.org on 2002/11/04 21:22:44 UTC
cvs commit: jakarta-tomcat-catalina/catalina/src/conf catalina.properties catalina.policy
jfarcand 2002/11/04 12:22:44
Modified: catalina/src/conf catalina.properties catalina.policy
Log:
Partial fix for the new JSP 2.0 features running under the SecurityManager. The generated code needs some special permissions in order to run properly. Even when we do not protect any packages, the JSP 2.0 stuff still not works. Special permissions or doPrivileged block will needs to be added to the the generated code in order to work properly. This partial fix allows the JSP 2.0 example to run under the SecurityManager.
Revision Changes Path
1.5 +2 -3 jakarta-tomcat-catalina/catalina/src/conf/catalina.properties
Index: catalina.properties
===================================================================
RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/conf/catalina.properties,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- catalina.properties 4 Nov 2002 05:33:50 -0000 1.4
+++ catalina.properties 4 Nov 2002 20:22:43 -0000 1.5
@@ -4,8 +4,7 @@
# passed to checkPackageAccess unless the
# corresponding RuntimePermission ("accessClassInPackage."+package) has
# been granted.
-package.access=sun.,org.apache.catalina.,org.apache.coyote.,org.apache.tomcat.,org.apache.jasper.compiler.,org.apache.jasper.core.,org.apache.jasper.logging.,org.apache.jasper.resources.,org.apache.jasper.servlet.,org.apache.jasper.util.,org.apache.jasper.xmlparser
-
+package.access=sun.,org.apache.catalina.,org.apache.coyote.,org.apache.tomcat.,org.apache.jasper.
#
# List of comma-separated packages that start with or equal this string
# will cause a security exception to be thrown when
@@ -16,7 +15,7 @@
# by default, no packages are restricted for definition, and none of
# the class loaders supplied with the JDK call checkPackageDefinition.
#
-package.definition=sun.,java.,org.apache.catalina.,org.apache.coyote.,org.apache.tomcat.,org.apache.jasper.compiler.,org.apache.jasper.core.,org.apache.jasper.logging.,org.apache.jasper.resources.,org.apache.jasper.servlet.,org.apache.jasper.util.,org.apache.jasper.xmlparser
+package.definition=sun.,java.,org.apache.catalina.,org.apache.coyote.,org.apache.tomcat.,org.apache.jasper.
#
#
1.6 +6 -1 jakarta-tomcat-catalina/catalina/src/conf/catalina.policy
Index: catalina.policy
===================================================================
RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/conf/catalina.policy,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- catalina.policy 4 Nov 2002 16:43:31 -0000 1.5
+++ catalina.policy 4 Nov 2002 20:22:43 -0000 1.6
@@ -63,6 +63,11 @@
permission java.security.AllPermission;
};
+// The new JSP 2.0 implementation needs some special privileges in order to work.
+// FIX ME: Need to reduce the permission scope.
+grant codeBase "file:${catalina.home}/webapps/jsp-examples/-" {
+ permission java.security.AllPermission;
+};
// ========== WEB APPLICATION PERMISSIONS =====================================
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>