> On Dec 30, 2024, at 07:15, Carl Wick <cw...@americanbus.com.INVALID> wrote: > > -----Original Message----- > From: Christopher Schultz <ch...@christopherschultz.net> > Sent: Friday, December 27, 2024 12:00 PM > To: users@tomcat.apache.org > Subject: Re: Setting sun.io.useCanonCaches to flase > > On 12/27/24 9:49 AM, Carl Wick wrote: >> Running Tomcat as a service, don't have a Java tab. Created the >> following System Environment Variable: > Are you on Windows? Are you using the Tomcat service (procrun)? If so, then > you have a Java tab somewhere. > > Yes, this is Windows Server. Tomcat is running as service, there is no > procrun, the executable that is running is tomcat9.exe.
You do have procrun and a Java tab; to learn how to configure Tomcat using tomcat9w.exe (note the “w”), read the “Apache Commons Daemon” section of the RUNNING.txt file in the Tomcat installation directory, along with the Windows service documentation: https://tomcat.apache.org/tomcat-9.0-doc/windows-service-howto.html Also, it would make reading your messages easier if your e-mail client were configured to indent or otherwise mark the text you’re replying to. - Chuck >> Variable name: Sun.io.useCanonCaches >> Variable value: false > > Is this a Windows environment variable? If so, it will have no effect. > It is also spelled incorrectly (cASe matTERs). If you end up setting a system > preference, please spell it properly if you want it to take effect. > > Taken directly from CVE: > running on Java 8 or Java 11: the system property sun.io.useCanonCaches must > be explicitly set to false (it defaults to true) > > I'm curious, are you actually running Tomcat with read-only set to FALSE? You > would only do that under very very VERY specific circumstances. And you would > only allow authenticated access to your server, and already trust those users > not to attack you, right? > > > > -chris > >> -----Original Message----- >> From: Mark Thomas <ma...@apache.org> >> Sent: Friday, December 20, 2024 12:12 PM >> To: users@tomcat.apache.org >> Subject: Re: Setting sun.io.useCanonCaches to flase >> >> add the following to setenv.bat >> >> set CATALINA_OPTS=%CATALINA_OPTS% -Dsun.io.useCanonCaches=false >> >> If running as a service then system properties are set on the Java tab. >> You'd add: >> >> -Dsun.io.useCanonCaches=false >> >> Note: You only need to worry about this or CVE-2034-50379 if you have set >> readonly="false" on the default servlet. >> >> Mark >> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org >> For additional commands, e-mail: users-h...@tomcat.apache.org >> > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org >
