Author: markt
Date: Sun Nov 30 12:14:59 2008
New Revision: 721886
URL: http://svn.apache.org/viewvc?rev=721886&view=rev
Log:
Allow webapps to access org.apache.jasper.el package.
I have looked through the package and I believe this change is safe although
more eyes would be good. Without this permission, a handful of TCKs fail if
tested with a security manager enabled.
Modified:
tomcat/trunk/conf/catalina.policy
Modified: tomcat/trunk/conf/catalina.policy
URL:
http://svn.apache.org/viewvc/tomcat/trunk/conf/catalina.policy?rev=721886&r1=721885&r2=721886&view=diff
==============================================================================
--- tomcat/trunk/conf/catalina.policy (original)
+++ tomcat/trunk/conf/catalina.policy Sun Nov 30 12:14:59 2008
@@ -14,7 +14,7 @@
// limitations under the License.
// ============================================================================
-// catalina.corepolicy - Security Policy Permissions for Tomcat @VERSION_MAJOR@
+// catalina.corepolicy - Security Policy Permissions for Tomcat 6
//
// This file contains a default set of security policies to be enforced (by the
// JVM) when Catalina is executed with the "-security" option. In addition
@@ -134,7 +134,8 @@
// Allow read of JAXP compliant XML parser debug
permission java.util.PropertyPermission "jaxp.debug", "read";
- // Precompiled JSPs need access to this package.
+ // Precompiled JSPs need access to these packages.
+ permission java.lang.RuntimePermission
"accessClassInPackage.org.apache.jasper.el";
permission java.lang.RuntimePermission
"accessClassInPackage.org.apache.jasper.runtime";
permission java.lang.RuntimePermission
"accessClassInPackage.org.apache.jasper.runtime.*";
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
