tomcat/tomcat-9.0-catalina-policy.patch
Troy Dawson 5cb8db1cc4 RHEL 9.0.0 Alpha bootstrap
The content of this branch was automatically imported from Fedora ELN
with the following as its source:
https://src.fedoraproject.org/rpms/tomcat#f60e452abe83bd7a39a5d2d676b4d9b4b325a83d
2020-10-15 12:56:41 -07:00

21 lines
686 B
Diff

--- conf/catalina.policy.orig 2020-04-22 14:51:13.734893403 -0400
+++ conf/catalina.policy 2020-04-22 15:14:57.609677967 -0400
@@ -51,6 +51,17 @@ grant codeBase "file:${java.home}/lib/ex
};
+// ========== RHEL SPECIFIC CODE PERMISSIONS =======================================
+
+
+// Allowing everything in /usr/share/java allows too many unknowns to be permitted
+// Specifying the individual jars that tomcat needs to function with the security manager
+// is the safest way forward.
+grant codeBase "file:/usr/share/java/ecj/ecj.jar" {
+ permission java.security.AllPermission;
+};
+
+
// ========== CATALINA CODE PERMISSIONS =======================================