rpms / tomcat

Clone
Source Code
GIT

Blame tomcat-9.0-catalina-policy.patch

9.0 el6 epel7 epel8 epel9 f14 f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f30 f31 f32 f33 f34 f35 f36 f37 f38 f39 f40 main rawhide stream-tomcat-201908
  1.   3d349e6aeafcabfd53be4239c7b951ada14b7f5b
  2.   tomcat-9.0-catalina-policy.patch
Blob History Raw
8e4906e 
--- conf/catalina.policy.orig	2022-11-04 16:17:41.227506990 +0800
8e4906e 
+++ conf/catalina.policy	2022-11-04 16:21:51.393351415 +0800
8e4906e 
@@ -56,6 +56,15 @@ grant codeBase "file:${java.home}/lib/ex
fde9af6 
 //        permission java.security.AllPermission;
fde9af6 
 //};
8d14571
4dc51a6 
+// ========== RHEL SPECIFIC CODE PERMISSIONS =======================================
4dc51a6 
+
8d14571 
+
4dc51a6 
+// Allowing everything in /usr/share/java allows too many unknowns to be permitted
4dc51a6 
+// Specifying the individual jars that tomcat needs to function with the security manager
4dc51a6 
+// is the safest way forward.
8d14571 
+grant codeBase "file:/usr/share/java/ecj/ecj.jar" {
4dc51a6 
+        permission java.security.AllPermission;
4dc51a6 
+};
4dc51a6
fde9af6 
 // ========== CATALINA CODE PERMISSIONS =======================================
8d14571
8e4906e 
@@ -261,4 +270,4 @@ grant codeBase "file:${catalina.home}/we
fde9af6 
 //
fde9af6 
 // The permissions granted to a specific JAR
fde9af6 
 // grant codeBase "war:file:${catalina.base}/webapps/examples.war*/WEB-INF/lib/foo.jar" {
fde9af6 
-// };
fde9af6 
\ No newline at end of file
fde9af6 
+// };
Powered by Pagure 5.14.1
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.