2013/11/25 Mark Thomas <ma...@apache.org>:
> On 25/11/2013 11:29, Konstantin Kolinko wrote:
>> 2013/11/25 <ma...@apache.org>:
>>> Author: markt
>>> Date: Mon Nov 25 10:26:26 2013
>>> New Revision: 1545213
>>>
>>> URL: http://svn.apache.org/r1545213
>>> Log:
>>> When running under a security manager disabled deployXML by default.
>>>
>>
>> +1.
>>
>> Note, that
>> The manager application in its default configuration will stop working
>>
>> There was a thread in October,
>> "can't connect to manager application"
>> http://markmail.org/thread/ob3kjbnvu2usljmz
>>
>> I thought to add this effect to the description of "deployXML"
>> attribute, but have not got there yet.
>>
>> Similarly, if someone has important bits in their META-INF/context.xml
>> such as RemoteAddrValve and AccessLogValve, those will be ignored with
>> this change. If those were not critical to one's web application and
>> it starts successfully, it will lower their security,
>
> Ah. That isn't good. I think it will be safer to introduce this change
> only in 8.0.x. It can be documented in the migration guide. That sort of
> change in a point release is going to catch people out.
>

A thought:

A possible enhancement to the behaviour of "deployXML=false":

Do not start applications that have their own META-INF/context.xml,
unless there is an explicit configuration for them in conf/*.

This takes care of occasionally ignoring a RemoteAddrValve and similar
(such as the RemoteAddrValve that we may enable by default in the
Manager webapp).

Best regards,
Konstantin Kolinko
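
The condition proposed above, written as an offline audit. This is an added example, not part of the original message and not Tomcat code. It lists applications whose embedded META-INF/context.xml has no explicit descriptor, together with the Valves that would be ignored under deployXML=false. It assumes the appBase is `webapps`, the explicit descriptors live in `conf/Catalina/localhost/<app>.xml` (default Engine and Host names), and the sample layout is constructed.

```python
import tempfile
import zipfile
import xml.etree.ElementTree as ET
from pathlib import Path

EMBEDDED = "META-INF/context.xml"

def embedded_context(app: Path):
    """Return the bytes of META-INF/context.xml from an exploded dir or a WAR, else None."""
    if app.is_dir():
        f = app / EMBEDDED
        return f.read_bytes() if f.is_file() else None
    if app.suffix == ".war" and zipfile.is_zipfile(app):
        with zipfile.ZipFile(app) as war:
            return war.read(EMBEDDED) if EMBEDDED in war.namelist() else None
    return None

def audit(base: Path, engine="Catalina", host="localhost"):
    """Map app name -> Valve classNames that would be dropped under deployXML=false."""
    explicit = base / "conf" / engine / host  # assumed default Engine/Host names
    findings = {}
    for app in sorted((base / "webapps").iterdir()):
        xml = embedded_context(app)
        name = app.stem if app.is_file() else app.name
        if xml is None or (explicit / f"{name}.xml").is_file():
            continue  # nothing embedded, or an explicit descriptor covers the app
        findings[name] = [v.get("className", "?") for v in ET.fromstring(xml).iter("Valve")]
    return findings

def build_sample(base: Path):
    """Constructed sample layout: three apps, one of them with an explicit descriptor."""
    ctx = ('<Context><Valve className="org.apache.catalina.valves.RemoteAddrValve"'
           ' allow="127\\.0\\.0\\.1"/></Context>')
    (base / "conf/Catalina/localhost").mkdir(parents=True)
    (base / "webapps/manager/META-INF").mkdir(parents=True)
    (base / "webapps/manager/META-INF/context.xml").write_text(ctx)
    (base / "webapps/plain").mkdir()  # no embedded descriptor at all
    with zipfile.ZipFile(base / "webapps/shop.war", "w") as war:
        war.writestr(EMBEDDED, ctx.replace("RemoteAddrValve", "AccessLogValve"))
    (base / "conf/Catalina/localhost/shop.xml").write_text(ctx)  # explicit config
    return base

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for name, valves in audit(build_sample(Path(tmp))).items():
            print(f"{name}: embedded context.xml would be ignored; valves: {valves}")
```
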