Author: remy.maucherat(a)jboss.com
Date: 2008-01-14 06:04:56 -0500 (Mon, 14 Jan 2008)
New Revision: 392
Modified:
trunk/build.properties.default
trunk/build.xml
trunk/conf/catalina.policy
Log:
- Update minor deps.
- JULI should use stricter permissions.
- Package JBoss Logging with bootstrap.jar (putting it inside JULI with its new
permissions causes weird errors).
Modified: trunk/build.properties.default
===================================================================
--- trunk/build.properties.default 2008-01-09 18:27:13 UTC (rev 391)
+++ trunk/build.properties.default 2008-01-14 11:04:56 UTC (rev 392)
@@ -31,7 +31,7 @@
base-tomcat.loc=http://archive.apache.org/dist/tomcat
# ----- Commons Logging, version 1.1 or later -----
-commons-logging-src.loc=${base-jakarta.loc}/commons/logging/source/commons-logging-1.1-src.tar.gz
+commons-logging-src.loc=${base-jakarta.loc}/commons/logging/source/commons-logging-1.1.1-src.tar.gz
# ----- Webservices -----
jaxrpc-src.loc=http://repo1.maven.org/maven2/geronimo-spec/geronimo-spec-...
@@ -65,12 +65,12 @@
commons-collections-src.loc=${base-jakarta.loc}/commons/collections/source/commons-collections-3.2-src.tar.gz
# ----- NSIS, version 2.0 or later -----
-nsis.home=${base.path}/nsis-2.22
+nsis.home=${base.path}/nsis-2.34
nsis.exe=${nsis.home}/makensis.exe
nsis.installoptions.dll=${nsis.home}/Plugins/InstallOptions.dll
nsis.nsexec.dll=${nsis.home}/Plugins/nsExec.dll
nsis.nsisdl.dll=${nsis.home}/Plugins/NSISdl.dll
-nsis.loc=${base-sf.loc}/nsis/nsis-2.22-setup.exe
+nsis.loc=${base-sf.loc}/nsis/nsis-2.34-setup.exe
# ----- Commons Daemon, version 1.0-Alpha or later -----
commons-daemon.home=${base.path}/commons-daemon-1.0.1
Modified: trunk/build.xml
===================================================================
--- trunk/build.xml 2008-01-09 18:27:13 UTC (rev 391)
+++ trunk/build.xml 2008-01-14 11:04:56 UTC (rev 392)
@@ -182,6 +182,7 @@
<include name="org/apache/catalina/security/SecurityClassLoad.class"
/>
<include name="org/apache/naming/JndiPermission.class" />
<include name="org/apache/tomcat/util/compat/*" />
+ <include name="org/jboss/logging/**" />
<!-- Javadoc and i18n exclusions -->
<exclude name="**/package.html" />
<exclude name="**/LocalStrings_*" />
@@ -192,7 +193,6 @@
<jar jarfile="${tomcat-juli.jar}">
<fileset dir="${tomcat.classes}">
<include name="org/apache/juli/**" />
- <include name="org/jboss/logging/**" />
<!-- Javadoc and i18n exclusions -->
<exclude name="**/package.html" />
<exclude name="**/LocalStrings_*" />
Modified: trunk/conf/catalina.policy
===================================================================
--- trunk/conf/catalina.policy 2008-01-09 18:27:13 UTC (rev 391)
+++ trunk/conf/catalina.policy 2008-01-14 11:04:56 UTC (rev 392)
@@ -47,7 +47,19 @@
// These permissions apply to the logging API
grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
- permission java.security.AllPermission;
+ permission java.util.PropertyPermission
"java.util.logging.config.class", "read";
+ permission java.util.PropertyPermission
"java.util.logging.config.file", "read";
+ permission java.lang.RuntimePermission "shutdownHooks";
+ permission java.io.FilePermission
"${catalina.base}${file.separator}conf${file.separator}logging.properties",
"read";
+ permission java.util.PropertyPermission "catalina.base",
"read";
+ permission java.util.logging.LoggingPermission "control";
+ permission java.io.FilePermission
"${catalina.base}${file.separator}logs", "read, write";
+ permission java.io.FilePermission
"${catalina.base}${file.separator}logs${file.separator}*", "read,
write";
+ permission java.lang.RuntimePermission "getClassLoader";
+ // To enable per context logging configuration, permit read access to the
appropriate file.
+ // Be sure that the logging configuration is secure before enabling such access
+ // eg for the examples web application:
+ // permission java.io.FilePermission
"${catalina.base}${file.separator}webapps${file.separator}examples${file.separator}WEB-INF${file.separator}classes${file.separator}logging.properties",
"read";
};
// These permissions apply to the server startup code