Bug#316580: tomcat4 with kaffe and security manager does not start

Andreas Krüger Andreas Krüger <andreas.krueger@famsik.de>, 316580@bugs.debian.org
Thu Jul 7 21:39:10 2005 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Michael Koch wrote:

> You are really suggesting to deactivate the security manager by default?

What I really suggest is: When I install Sarge Tomcat on a Sarge box,
together with all packages it depends on, it should operate.

Personally, I much rather deactivate the security manager, than throw
Tomcat 4 out of Sarge main back into contrib. I am willing to go with
Tomcat 4 rather than Tomcat 5, and make do without this, that, and the
other feature, if that buys me free software. The web application that I
intend to deploy has not yet been written, so I can make it happen.

> The bug is in kaffe not tomcat4. Tomcat4 works fine with other runtimes with
> security manager enabled. The bug in kaffe is fixed in CVS and probably in
> unstable too.

Good to know. Thank you for the information.

This particular bug is concerned with Sarge, though. This will be a
"production server" (of sorts). The security team's backing is important
for me, for whatever I end up running.

> I can't check currently. This needs to be checked and this bug
> needs then get moved to kaffe and tagged "sarge".

Disabling the security manager is not something to be taken lightly, yes.
Pulling a brand-new release of kaffe into Sarge is not to be taken lightly,
either.  Which of these two, or maybe what else, is the best way for Debian
to get Tomcat Sargly running?

I tend to lean towards "pulling kaffe", if that is an option. Is it? I am
not sure what the right answer is. In particular, I am an old hat at
Tomcat, but fairly new as a Kaffe user. So I cannot judge the relative
stability of the Kaffe version presently in Sarge, vs. the Kaffe version
that has the bug fix.  Me, I just file them bugs ;-) ...

Regards, and thank you for providing fine software,

Andreas

andreas.krueger@famsik.de
PGP-Schlüssel 0xA207E340 (http://www.pca.dfn.de/dfnpca/pgpkserv/)
Fingerprint B46B C7BA FFEE AD41 35DD  49C3 9D6A E529 A207 E340
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCzZyQnWrlKaIH40ARAmcIAKCVygHg/fQ9ppNQmG/KIVqaRj1qFwCdHchK
8w0LDheZA5yfiiA81GWRZzs=
=kzzg
-----END PGP SIGNATURE-----