https://bz.apache.org/bugzilla/show_bug.cgi?id=65332
--- Comment #1 from Mark Thomas <ma...@apache.org> --- I don't see a better way of doing what you did. The existing Tomcat security policy uses java.security.AllPermission for trusted code so your solution is arguably better as it only grants the permissions required. I looked into adding something to $CATALINA_BASE/conf/catalina.policy but the using the jrt protocol with Java 8 triggers a series of exceptions when Tomcat starts. They aren't fatal but it isn't a good look. The best solution I have right now is a commented out section in catalina.policy for using javac with Java 9+. Better suggestions welcome. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
