Remy Maucherat wrote: > Jeanfrancois Arcand wrote: >> The only problem I see by removing the package org.apache.jsp is that >> when Tomcat run under the security manager, it is no longer possible to >> protect an application from package insertion/access (dangerous). >> >> It is still possible to protect the application by manually adding the >> new package name under the conf/tomcat.properties file. This will have >> to be documented somewhere. > > That's a good point, also. (oh, no, I'm back in the middle of a JSPC > induced mess ;-) ) > Ok, I can re-revert my patch ;-)
It won't change a thing - if you have org.apache.jsp package for all jsps in the web site. My problem with org.apache.jsp -> it's apache specific and it's too long. To be honest - I don't care, since I'll use the prefix explicitely in jspc. And the mess is not jspc - but JspServlet :-) Costin -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
