rpms / tomcat

Clone
Source Code
GIT

Blame SOURCES/tomcat-9.0-catalina-policy.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   c8s
  2.   SOURCES
  3.   tomcat-9.0-catalina-policy.patch
Blob History Raw
cbe921 
--- conf/catalina.policy.orig	2022-11-04 16:17:41.227506990 +0800
cbe921 
+++ conf/catalina.policy	2022-11-04 16:21:51.393351415 +0800
cbe921 
@@ -56,6 +56,15 @@ grant codeBase "file:${java.home}/lib/ex
cbe921 
 //        permission java.security.AllPermission;
cbe921 
 //};
cbe921
cbe921 
+// ========== RHEL SPECIFIC CODE PERMISSIONS =======================================
cbe921 
+
cbe921 
+
cbe921 
+// Allowing everything in /usr/share/java allows too many unknowns to be permitted
cbe921 
+// Specifying the individual jars that tomcat needs to function with the security manager
cbe921 
+// is the safest way forward.
cbe921 
+grant codeBase "file:/usr/share/java/ecj/ecj.jar" {
cbe921 
+        permission java.security.AllPermission;
cbe921 
+};
cbe921
cbe921 
 // ========== CATALINA CODE PERMISSIONS =======================================
cbe921
cbe921 
@@ -261,4 +270,4 @@ grant codeBase "file:${catalina.home}/we
cbe921 
 //
cbe921 
 // The permissions granted to a specific JAR
cbe921 
 // grant codeBase "war:file:${catalina.base}/webapps/examples.war*/WEB-INF/lib/foo.jar" {
cbe921 
-// };
cbe921 
\ No newline at end of file
cbe921 
+// };

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation