Problem with tomcat4 using java security manager
Hi!
I've installed the tomcat4 package on my Debian sid box, and I have a
problem: tomcat won't start unless I edit /etc/init.d/tomcat4 and change
the line
TOMCAT4_SECURITY=yes
to
TOMCAT4_SECURITY=no
When I try to start with the security manager on, in
/var/log/tomcat4/catalina.out I see this line:
Exception in thread "main" java.security.AccessControlException: access
denied (java.util.PropertyPermission catalina.base read)
I figured out that I could add this line in
/etc/tomcat4/policy.d/04webapps.policy (inside the
grant { } block):
permission java.util.PropertyPermission "catalina.base", "read";
... but that only got me as far as the next security exception. I ended
up adding all these lines:
permission java.util.PropertyPermission "catalina.base", "read";
permission java.util.PropertyPermission "user.dir", "read";
permission java.util.PropertyPermission "catalina.home", "read";
permission java.io.FilePermission "/usr/share/tomcat4/common/classes",
"read";
permission java.io.FilePermission
"/usr/share/tomcat4/common/endorsed", "read";
permission java.io.FilePermission "/usr/share/tomcat4/common/lib", "read";
permission java.lang.RuntimePermission "createClassLoader";
permission java.io.FilePermission
"/usr/share/java/commons-collections-2.1.jar", "read";
permission java.io.FilePermission
"/usr/share/java/commons-fileupload-1.0.jar", "read";
permission java.io.FilePermission "/usr/share/java/servlet-2.3.jar",
"read";
...and still not fixing the problem, when I realized that approach was
not very useful.
I don't see any bugs about this, so I guess this must be something
unique to my configuration.
My java install is from the j2sdk-1.4.1-01-linux-i586-gcc3.2.bin file
from a Blackdown mirror, installed as described in section 11.1.2 of the
Debian Java FAQ, and built and installed the dummy packages as described
in section 11.2 so the dependencies would be resolved.
I must be missing something.
Something that strikes me as really odd is that there is only the file
04webapps.policy in the directory /etc/tomcat4/policy.d. Am I missing
another policy file that's supposed to go in that directory?
Any help would be most appreciated.
--
forrest@abstractfactory.org
Reply to: