rpms / tomcat

Clone
Source Code
GIT

Files

  1.   aa5454a
  2.   tomcat-7.0-catalina-policy.patch
Blob Blame History Raw 
--- conf/catalina.policy	2016-07-07 16:31:44.473000159 -0400
+++ conf/catalina.policy	2016-07-07 16:32:14.349000359 -0400
@@ -51,6 +51,36 @@
 };
 
 
+// ========== RHEL SPECIFIC CODE PERMISSIONS =======================================
+
+// Allowing everything in /usr/share/java allows too many unknowns to be permitted
+// Specifying the individual jars that tomcat needs to function with the security manager
+// is the safest way forward.
+grant codeBase "file:/usr/share/java/tomcat-el-2.2-api.jar" {
+        permission java.security.AllPermission;
+};
+grant codeBase "file:/usr/share/java/tomcat-jsp-2.2-api.jar" {
+        permission java.security.AllPermission;
+};
+grant codeBase "file:/usr/share/java/tomcat-servlet-3.0-api.jar" {
+        permission java.security.AllPermission;
+};
+grant codeBase "file:/usr/share/java/jakarta-commons-collections.jar" {
+        permission java.security.AllPermission;
+};
+grant codeBase "file:/usr/share/java/jakarta-commons-dbcp.jar" {
+        permission java.security.AllPermission;
+};
+grant codeBase "file:/usr/share/java/ecj.jar" {
+        permission java.security.AllPermission;
+};
+grant codeBase "file:/usr/share/java/log4j.jar" {
+        permission java.security.AllPermission;
+};
+
 // ========== CATALINA CODE PERMISSIONS =======================================
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.