Rainer Jung wrote:
George Sexton wrote:
I will try a wild-card permission and see what happens.

Thank you. One caveat: I tried to end the path with
"${file.separator}-", but that doesn't work. When using the trailing "-"
syntax, you really have to use a real file separator, not the variable :(


Thanks for the tip. That probably would have driven me nuts.

I tried the wild card permission, and it does "solve" the problem. I had to give the permission to the top of my webapps directory. I did a quick audit of the code, and don't see anything that global read would be bad for.

If you modify catalina.policy to "solve" the problem, you're opening things up in the future for a security hole. Someone will add something to the jar that can do an arbitrary read and then bang, there's a major vulnerability staring at you.

From a philosophical standpoint, having to create a policy log entry so the system doesn't throw an exception looking for a non-existent file is not desirable.



--
George Sexton
MH Software, Inc.
Voice: +1 303 438 9585
URL:   http://www.mhsoftware.com/
