From: markt Date: Sun, 30 Nov 2008 20:14:59 +0000 (+0000) Subject: Allow webapps to access org.apache.jasper.el package. X-Git-Url: https://git.internetallee.de/?a=commitdiff_plain;h=f41ad17216ca5f29323b4c463423033843d98752;p=tomcat7.0 Allow webapps to access org.apache.jasper.el package. I have looked through the package and I believe this change is safe although more eyes would be good. Without this permission, a handful of TCKs fail if tested with a security manager enabled. git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@721886 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/conf/catalina.policy b/conf/catalina.policy index edb601b8f..f00aa60e6 100644 --- a/conf/catalina.policy +++ b/conf/catalina.policy @@ -14,7 +14,7 @@ // limitations under the License. // ============================================================================ -// catalina.corepolicy - Security Policy Permissions for Tomcat @VERSION_MAJOR@ +// catalina.corepolicy - Security Policy Permissions for Tomcat 6 // // This file contains a default set of security policies to be enforced (by the // JVM) when Catalina is executed with the "-security" option. In addition @@ -134,7 +134,8 @@ grant { // Allow read of JAXP compliant XML parser debug permission java.util.PropertyPermission "jaxp.debug", "read"; - // Precompiled JSPs need access to this package. + // Precompiled JSPs need access to these packages. + permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.el"; permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.runtime"; permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.runtime.*";