Details
-
Type:
Bug
-
Status:
In Progress
-
Priority:
Major
-
Resolution: Unresolved
-
Affects Version/s: 0.8.2
-
Fix Version/s: None
-
Component/s: Bug / defect
-
Labels:None
-
Mantis ID:151
-
Standalone/WAR:WAR
Description
Ubuntu's default tomcat installation comes with a strict security policy. See /etc/tomcatX.X/policy.d/ for details.
Currently, the recommendation is to turn off the security manager which is, apparently, not a very good idea for a live site.
****** ADDITIONAL INFORMATION ******
The cosmo calendar server, from the OSAF Chandler Project, provides a basic security policy script which can be copied to the policy.d directory. Perhaps this could be used as a template?
See here: http://chandlerproject.org/Documentation/CosmoTomcat#Security for their suggestion.
Currently, the recommendation is to turn off the security manager which is, apparently, not a very good idea for a live site.
****** ADDITIONAL INFORMATION ******
The cosmo calendar server, from the OSAF Chandler Project, provides a basic security policy script which can be copied to the policy.d directory. Perhaps this could be used as a template?
See here: http://chandlerproject.org/Documentation/CosmoTomcat#Security for their suggestion.