Bug#461355: tomcat5.5: More restrictive JULI permissions break java.util.logging.
Marcus Better
marcus at better.se
Sun Jan 20 07:22:51 UTC 2008
Michael Koch wrote:
> On Fri, Jan 18, 2008 at 12:44:11PM -0800, Alexander Hvostov wrote:
>> It could just catch the SecurityException while looking for
>> logging.properties and pretend that the file doesn't exist, possibly
>> after logging a message saying so.
>
> Yes that would be the most nicest as opening permission per default
> without need can open a security leak.
If the user creates that file then the security exception still gets
thrown, so it would be very confusing to pretend the file doesn't exist.
I'm not too happy about this idea.
Did the upstream default config change recently? Does it allow acess?
Marcus
More information about the pkg-java-maintainers
mailing list