Bug#461355: tomcat5.5: More restrictive JULI permissions break java.util.logging.
Marcus Better
marcus at better.se
Fri Jan 18 05:22:19 UTC 2008
found 461355 5.5.25-4
found 461355 5.5.25-5
thanks
Alexander Hvostov wrote:
> As you know, in tomcat5.5
> 5.5.20-2etch1, /etc/tomcat5.5/policy.d/03catalina.policy contains more
> restrictive permissions for JULI than was previously the case.
Yes, see #460839 where we deal with this for the tomcat5.5-webapps.
The stricter permissions are part of a tightened security policy. I
think our options are:
(i) Change JULI not to look for the logging.properties in those places
unless specifically configured to do it,
(ii) Give blanket permission for JULI to look up logging.properties
files in all webapps (possibly circumventing the security fix),
(iii) Leave as is and let users add the necessary permissions.
Cheers,
Marcus
More information about the pkg-java-maintainers
mailing list