|
Mantis - Resin
|
|||||
| Viewing Issue Advanced Details | |||||
|
|
|||||
| ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
| 2281 | major | always | 12-30-07 23:01 | 01-02-08 11:02 | |
|
|
|||||
| Reporter: | norlab | Platform: | |||
| Assigned To: | ferg | OS: | |||
| Priority: | normal | OS Version: | |||
| Status: | closed | Product Version: | 3.1.3 | ||
| Product Build: | Resolution: | fixed | |||
| Projection: | none | ||||
| ETA: | none | Fixed in Version: | 3.1.5 | ||
|
|
|||||
| Summary: | 0002281: Security Manager does not appear to be working | ||||
| Description: |
<security-manager/> tag used. /resin/bin/httpd.sh -conf /resin/conf/vhosts/www.domain.com.conf -server domain start Empty resin1.policy file and resin starts. Nothing has been granted, but Resin starts with full permissions. <jvm-arg>-Djava.security.policy=file:/resin/resin1.policy</jvm-arg> <jvm-arg>-Djava.library.path=/resin/libexec64</jvm-arg> <jvm-arg>-Djava.security.debug=policy</jvm-arg> <jvm-arg>-J-d64</jvm-arg> <jvm-arg>-Xmx256m</jvm-arg> <jvm-arg>-Xss1m</jvm-arg> <jvm-arg>-Dcom.sun.management.jmxremote</jvm-arg> <jvm-arg>-Xdebug</jvm-arg> Solaris 10, java.policy file empty. Removed java.security file |
||||
| Steps To Reproduce: | |||||
| Additional Information: |
Log output: policy: getPermissions: PD CodeSource: (file:/usr/local/src/resin-pro-3.1.3/lib/resin.jar <no signer certificates>) PD ClassLoader: sun.misc.Launcher$AppClassLoader@39a125f0 PD Principals: <no principals> policy: evaluate codesources: Policy CodeSource: (null <no signer certificates>) Active CodeSource: (file:/usr/local/src/resin-pro-3.1.3/lib/resin.jar <no signer certificates>) policy: evaluate principals: Policy Principals: null Active Principals: [] policy: evaluation (codesource/principals) passed policy: granting (java.net.SocketPermission localhost:1024- listen,resolve) policy: granting (java.util.PropertyPermission java.version read) policy: granting (java.util.PropertyPermission java.vendor read) policy: granting (java.util.PropertyPermission java.vendor.url read) policy: granting (java.util.PropertyPermission java.class.version read) policy: granting (java.util.PropertyPermission os.name read) policy: granting (java.util.PropertyPermission os.version read) policy: granting (java.util.PropertyPermission os.arch read) policy: granting (java.util.PropertyPermission file.separator read) policy: granting (java.util.PropertyPermission path.separator read) policy: granting (java.util.PropertyPermission line.separator read) policy: granting (java.util.PropertyPermission java.specification.version read) policy: granting (java.util.PropertyPermission java.specification.vendor read) policy: granting (java.util.PropertyPermission java.specification.name read) policy: granting (java.util.PropertyPermission java.vm.specification.version read) policy: granting (java.util.PropertyPermission java.vm.specification.vendor read) policy: granting (java.util.PropertyPermission java.vm.specification.name read) policy: granting (java.util.PropertyPermission java.vm.version read) policy: granting (java.util.PropertyPermission java.vm.vendor read) policy: granting (java.util.PropertyPermission java.vm.name read) policy: evaluate codesources: Policy CodeSource: (file:/usr/jdk/instances/jdk1.5.0/jre/lib/ext/* <no signer certificates>) Active CodeSource: (file:/usr/local/src/resin-pro-3.1.3/lib/resin.jar <no signer certificates>) policy: evaluation (codesource) failed Resin Professional 3.1.3 (built Sun, 07 Oct 2007 06:30:19 PDT) Copyright(c) 1998-2007 Caucho Technology. All rights reserved. xxxxxxx.license -- 1 Resin server Starting Resin on Sun, 30 Dec 2007 22:12:12 -0800 (PST) |
||||
| Relationships | |||||
| Attached Files: | |||||
| There are no notes attached to this issue. |