cvs commit: jakarta-tomcat-catalina/catalina/src/conf catalina.properties catalina.policy

Mon, 04 Nov 2002 12:24:32 -0800 

jfarcand    2002/11/04 12:22:44

  Modified:    catalina/src/conf catalina.properties catalina.policy
  Log:
  Partial fix for the new JSP 2.0 features running under the SecurityManager. The 
generated code needs some special permissions in order to run properly. Even when we 
do not protect any packages, the JSP 2.0 stuff still not works. Special permissions or 
doPrivileged block will needs to be added to the the generated code in order to work 
properly. This partial fix allows the JSP 2.0 example to run under the SecurityManager.
  
  Revision  Changes    Path
  1.5       +2 -3      jakarta-tomcat-catalina/catalina/src/conf/catalina.properties
  
  Index: catalina.properties
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/conf/catalina.properties,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- catalina.properties       4 Nov 2002 05:33:50 -0000       1.4
  +++ catalina.properties       4 Nov 2002 20:22:43 -0000       1.5
  @@ -4,8 +4,7 @@
   # passed to checkPackageAccess unless the
   # corresponding RuntimePermission ("accessClassInPackage."+package) has
   # been granted.
  
-package.access=sun.,org.apache.catalina.,org.apache.coyote.,org.apache.tomcat.,org.apache.jasper.compiler.,org.apache.jasper.core.,org.apache.jasper.logging.,org.apache.jasper.resources.,org.apache.jasper.servlet.,org.apache.jasper.util.,org.apache.jasper.xmlparser
  -
  
+package.access=sun.,org.apache.catalina.,org.apache.coyote.,org.apache.tomcat.,org.apache.jasper.
   #
   # List of comma-separated packages that start with or equal this string
   # will cause a security exception to be thrown when
  @@ -16,7 +15,7 @@
   # by default, no packages are restricted for definition, and none of
   # the class loaders supplied with the JDK call checkPackageDefinition.
   #
  
-package.definition=sun.,java.,org.apache.catalina.,org.apache.coyote.,org.apache.tomcat.,org.apache.jasper.compiler.,org.apache.jasper.core.,org.apache.jasper.logging.,org.apache.jasper.resources.,org.apache.jasper.servlet.,org.apache.jasper.util.,org.apache.jasper.xmlparser
  
+package.definition=sun.,java.,org.apache.catalina.,org.apache.coyote.,org.apache.tomcat.,org.apache.jasper.
   
   #
   #
  
  
  
  1.6       +6 -1      jakarta-tomcat-catalina/catalina/src/conf/catalina.policy
  
  Index: catalina.policy
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/conf/catalina.policy,v
  retrieving revision 1.5
  retrieving revision 1.6
  diff -u -r1.5 -r1.6
  --- catalina.policy   4 Nov 2002 16:43:31 -0000       1.5
  +++ catalina.policy   4 Nov 2002 20:22:43 -0000       1.6
  @@ -63,6 +63,11 @@
           permission java.security.AllPermission;
   };
   
  +// The new JSP 2.0 implementation needs some special privileges in order to work.
  +// FIX ME: Need to reduce the permission scope.
  +grant codeBase "file:${catalina.home}/webapps/jsp-examples/-" {
  +  permission java.security.AllPermission;  
  +};
   
   // ========== WEB APPLICATION PERMISSIONS =====================================
   
  
  
  

--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@;jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@;jakarta.apache.org>

Reply via email to