In ISP environments, it's important that each user have
restricted permissions to use the server. Normally, the
web server will be run as a non-root user so the users can't
read system files, but that user will still have read access.

Don't use a security manager if you're not in an ISP environment.
There's no need for it, and the security manager does slow the server
down somewhat.

Adding a Java security manager puts each web-app into a
"sandbox" where Java limits the things that can be done from code
within the web-app.

The security manager is enabled by adding a <security-manager> tag in the resin.conf.

A useful resource is Sun's documentation about security; in particular,
the documents on policy permissions and policy file syntax are useful.

Each web-app automatically has permissions to read, write and
delete any file under the web-app's directory, including WEB-INF. It
also has read permission for the classpath, including <classpath>
from the <host> and <server> contexts.

sample java.policy

//
// Permissions allowed for everyone.
//
grant {
  permission java.util.PropertyPermission "*", "read";
  permission java.lang.RuntimePermission "accessClassInPackage.*";
  permission java.net.SocketPermission "mysql.myhost.com:3306", "connect";
  permission java.io.FilePermission "/opt/resin/xsl/*", "read";
};

//
// Give the system and Resin classes all permissions
//
grant codeBase "file:${resin.home}/lib/-" {
  permission java.security.AllPermission;
};

grant codeBase "file:${java.home}/lib/-" {
  permission java.security.AllPermission;
};

grant codeBase "file:${java.home}/jre/lib/-" {
  permission java.security.AllPermission;
};

//
// Give a specific web-app additional permissions.
//
grant codeBase "file:/opt/web/webapps/ejb/WEB-INF/-" {
  permission java.io.FilePermission "/opt/web/doc/*", "read";
};
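
To see what the file and property grants in the sample policy actually cover, the following added example (not part of the Resin documentation) loads the same grants into a java.security.Permissions collection and tests several requests against it. The class name PolicyScopeCheck and the modelling of the automatic web-app directory grant as a recursive "/-" path are assumptions.

```java
import java.io.FilePermission;
import java.security.Permission;
import java.security.Permissions;
import java.util.PropertyPermission;

public class PolicyScopeCheck {
    // File and property grants the "ejb" web-app holds under the sample policy.
    static Permissions sampleGrants() {
        Permissions p = new Permissions();
        p.add(new PropertyPermission("*", "read"));
        p.add(new FilePermission("/opt/resin/xsl/*", "read"));
        p.add(new FilePermission("/opt/web/doc/*", "read"));
        // Assumption: the automatic web-app directory grant, modelled as recursive.
        p.add(new FilePermission("/opt/web/webapps/ejb/-", "read,write,delete"));
        return p;
    }

    // Reports whether the granted set implies the requested permission.
    static boolean check(Permissions granted, Permission requested) {
        boolean ok = granted.implies(requested);
        System.out.printf("%-6s %s%n", ok ? "ALLOW" : "DENY", requested);
        return ok;
    }

    public static void main(String[] args) {
        Permissions g = sampleGrants();
        // A path ending in "/*" matches files directly in that directory only.
        check(g, new FilePermission("/opt/web/doc/index.html", "read"));
        // A file one level deeper is outside "/*"; it would need "/-".
        check(g, new FilePermission("/opt/web/doc/api/index.html", "read"));
        // Actions are checked separately: "read" does not include "write".
        check(g, new FilePermission("/opt/web/doc/index.html", "write"));
        // System files are not covered by any grant.
        check(g, new FilePermission("/etc/passwd", "read"));
        // Inside the web-app's own directory, WEB-INF included.
        check(g, new FilePermission("/opt/web/webapps/ejb/WEB-INF/web.xml", "delete"));
        // Properties are readable but not writable.
        check(g, new PropertyPermission("user.home", "read"));
        check(g, new PropertyPermission("user.home", "write"));
    }
}
```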

Copyright © 1998-2003 Caucho Technology, Inc. All rights reserved.
Resin® is a registered trademark,
and HardCore™ and Quercus™ are trademarks of Caucho Technology, Inc.