On 25/11/2013 12:07, Konstantin Kolinko wrote: > 2013/11/25 Mark Thomas <ma...@apache.org>: >> On 25/11/2013 11:29, Konstantin Kolinko wrote: >>> 2013/11/25 <ma...@apache.org>: >>>> Author: markt >>>> Date: Mon Nov 25 10:26:26 2013 >>>> New Revision: 1545213 >>>> >>>> URL: http://svn.apache.org/r1545213 >>>> Log: >>>> When running under a security manager disabled deployXML by default. >>>> >>> >>> +1. >>> >>> Note, that >>> The manager application in its default configuration will stop working >>> >>> There was a thread in October, >>> "can't connect to manager application" >>> http://markmail.org/thread/ob3kjbnvu2usljmz >>> >>> I thought to add this effect to the description of "deployXML" >>> attribute, but have not got there yet. >>> >>> Similarly, if someone has important bits in their META-INF/context.xml >>> such as RemoteAddrValve and AccessLogValve, those will be ignored with >>> this change. If those were not critical to one's web application and >>> it starts successfully, it will lower their security, >> >> Ah. That isn't good. I think it will be safer to introduce this change >> only in 8.0.x. It can be documented in the migration guide. That sort of >> change in a point release is going to catch people out. >> > > A thought: > A possible enhancement to the behaviour of "deployXML=false": > > Do not start applications that have their own META-INF/context.xml, > unless there is an explicit configuration for them in conf/*. > > This takes care of occasionally ignoring a RemoteAddrValve and similar > (such as the RemoteAddrValve that we may enable by default in the > Manager webapp).
That would work. I'll take a look. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org