Hello all,

I have a Servlet running on tomcat-5.5.20, Ubuntu Feisty Fawn, which is accessing some hardware through a shell script. The following provides adequate permissions for everything to work

grant {
    permission java.io.FilePermission "/bin/sh", "execute";
permission java.io.FilePermission "/tmp/thinktank-scanner.bmp", "read,delete";
};

However, you may notice that the "grant" provides this level of access to *all* Servlets and JSPs. I'd like to restrict the permissions to just my Servlet.

My application is mounted on /scanner and the servlet is mounted on / scanner/scanner, the only jar file in the application is located at

  /var/lib/tomcat5.5/webapps/scanner/WEB-INF/lib/scanner.jar

As far as I understand it, if I change my permissions to

grant codeBase "jar:file:${catalina.home}/webapps/scanner/WEB-INF/lib/ scanner.jar!/-" {
     permission java.io.FilePermission "/bin/sh", "execute";
permission java.io.FilePermission "/tmp/thinktank-scanner.bmp", "read,delete";
};

then everything should work... but it doesn't. Instead I don't get any permissions in my Servlet to do what I need to do.

Does anyone have any ideas?

--
Sam

http://fommil.me.uk
http://javablog.co.uk



---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to