https://bz.apache.org/bugzilla/show_bug.cgi?id=64488
--- Comment #2 from Konstantin Kolinko <knst.koli...@gmail.com> ---
(In reply to volosied+apache from comment #0)
> Permission:
> ("java.io.FilePermission"
> "/Library/Java/JavaVirtualMachines/adoptopenjdk-8-openj9.jdk/Contents/Home/
> jre/lib/rt.jar" "read")
How does it happen that it does not have a read permission for "rt.jar"?
In your case (looking at the proposed patch - attachment 37286) it is a
getResource() call that is blocked by lacking permissions. Does it mean that
not only loading of resources, but loading classes from rt.jar is blocked as
well? Why? For what purpose? (*)
Is it a real-world configuration? Why is it configured like that?
(*) E.g. looking a 'loadClass(name)' call a few lines later just below the code
affected by the patch - at ImportHandler line 463. - Will it fail?
(In reply to Mark Thomas from comment #1)
> If you can provide the simplest possible JSP that triggers this issue on a
> clean Tomcat 10 install we can take a look.
+1
I would like to see steps and code that are sufficient to reproduce the
behaviour.
(From your stack trace I guess that you are running a JSP page, but not from
within Apache Tomcat.)
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
