See : http://nagoya.apache.org/bugzilla/show_bug.cgi?id=22533
I am quoting Martijn Kruithof :
The following bug reports are associated with Security Manager issues: http://issues.apache.org/bugzilla/show_bug.cgi?id=6323 and http://issues.apache.org/bugzilla/show_bug.cgi?id=11459 I have written an patch / contribution to add permission handling to the code run inside the Java and JUnit tasks via a common permissions type. The reason no specific permission task has been made with in there nested the JUnit or Java task is that the tasks may need permissions that the code run by these tasks may not have. Manual testing has been performed under JDK 1.4.2 and automated test cases have been added. The build of dist-lite and test is verified to succeed under JDK 1.4.2 The new and modified test cases have been verified to succeed under JDK 1.2.2. (Lots of Failures/Errors there in base!)
I will start with my +1
I am +1. Indeed, I have patched my own copy and been playing with it.
I still think it would be nice to turn on exit catching in <java> classic, so that non-forking exits get caught. But it is hard to do that without risking backwards compatibility.
One option could be to say that the combination of fork==false && failonerror!=null turns on the security manager, as setting the failonerror flag in a non-forked <java> was meaningless till now -we couldnt catch the failure to decide whether or not to act on it.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
