DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=38352>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=38352 ------- Additional Comments From [EMAIL PROTECTED] 2006-02-21 03:24 ------- (In reply to comment #0) Ok, lets see if I can get myself fired here ;-). > This patch adds additional entries to the catalina.policy file. Specifically: > The catalina.base/shared directory is added and given equal permissions to > catalina.home/common If it works for you, fine. Change it in your copy. However, in general ${catalina.base}/shared will consist of untrusted code, so I don't think it's a good idea to trust it in the default policy file (which, by design, tries to be as strict as possible). > java.io.tmpdir is now readable. Don't see the need. If you depend on this, your app is non-portable since there is no requirement that javax.servlet.context.tempdir has any relation to java.io.tmpdir. In fact, a servlet container is perfectly free to set java.io.tmpdir to /dev/null if it wants. > javax.servlet.context.tempdir is now readable. I think to be compliant with the > spec, this must be allowed. This is a request attribute, not a System attribute. This does nothing. > Directory specified by java.io.tmpdir (which is what tomcat points > javax.servlet.context.tempdir to) is now read, write, delete. Again, I think the > spec requires this. Would need to research this one. Like pretty much everybody else, I don't spend enough time testing with SM. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
