Re: [SECURITY] [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities

To: Bernd Eckenfels <ecki@lina.inka.de>
Cc: debian-security@lists.debian.org
Subject: Re: [SECURITY] [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities
From: Nihil <nihil@nanihil.com>
Date: Sun, 06 Jan 2008 21:26:53 +0100
Message-id: <[🔎] 1199651213.5035.7.camel@localhost>
In-reply-to: <[🔎] E1JBawv-0000ZC-00@calista.eckenfels.net>
References: <[🔎] E1JBawv-0000ZC-00@calista.eckenfels.net>

On Son, 2008-01-06 at 20:14 +0100, Bernd Eckenfels wrote:
> In article <[🔎] 1199525586.8906.7.camel@localhost> you wrote:
> > (java.io.FilePermission
> > /home/nihil/www/java/WEB-INF/classes/logging.properties read)
> 
> > (it worked before the update and permission are set correctly, i double checked)
> 
> This is a java security policy violation, not related to OS file
> permissions. Maybe you started it with security policy and did not before?
> 
> Gruss
> Bernd
> 
> 
no init.d script always starts with security manager enabled. and I am
sure because I had to write java policy for access e.g. my database.

Reply to:

References:
- Re: [SECURITY] [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities
  - From: Bernd Eckenfels <ecki@lina.inka.de>

Prev by Date: Re: netstat shows strange output
Next by Date: Re: netstat shows strange output
Previous by thread: Re: [SECURITY] [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities
Next by thread: Re: [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities
Index(es):
- Date
- Thread