DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=10902>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=10902 "package.access" security check too general for Jasper - precompiled JSPs get package-access violation [EMAIL PROTECTED] changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution| |FIXED ------- Additional Comments From [EMAIL PROTECTED] 2002-07-19 12:42 ------- The accessClassInPackage.org.apache.jasper.runtime.* permission has been added to the default catalina.policy in both the 4.0 and 4.1 branches of Tomcat. I think this is the best solution. All packages are in org.apache.jasper, and only one permission needs to be granted for JSPC generated servlets. I also reviewed the classes in org.apache.jasper.runtime again to verify that there weren't any security problems granting access to it. -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
