| CODENOTIFIER | HelpYou are not signed inSign in |
Project: PUNKsearch
Revision: 547
Author: ysoldak
Date: 27 Aug 2008 14:24:13
Changes:Diff:| ...... | @@ -1,34 +1,100 @@ | |
| 1 | 1 | grant codeBase "file:/usr/share/punksearch/web/-" { |
| 2 | // for System.getProperties() in admin's config.jsp | |
| 3 | permission java.util.PropertyPermission "*", "read,write"; | |
| 4 | ||
| 5 | // common permissions | |
| 6 | permission java.util.PropertyPermission "java.*", "read"; | |
| 7 | ||
| 8 | // our own permissions | |
| 2 | 9 | permission java.util.PropertyPermission "org.punksearch.*", "read,write"; |
| 10 | ||
| 11 | // for lucene | |
| 3 | 12 | permission java.util.PropertyPermission "org.apache.lucene.*", "read"; |
| 13 | ||
| 14 | // for jcifs | |
| 4 | 15 | permission java.util.PropertyPermission "jcifs.*", "read,write"; |
| 5 | permission java.util.PropertyPermission "java.*", "read"; | |
| 6 | // for System.getProperties() in admin's config.jsp | |
| 7 | permission java.util.PropertyPermission "*", "read,write"; | |
| 16 | permission java.util.PropertyPermission "file.encoding", "read"; | |
| 17 | ||
| 18 | // for multithreaded crawling and online status | |
| 19 | permission java.lang.RuntimePermission "modifyThread"; | |
| 20 | ||
| 21 | // read configurations | |
| 8 | 22 | permission java.io.FilePermission "/etc/punksearch/-", "read"; |
| 23 | ||
| 24 | // read own jars | |
| 9 | 25 | permission java.io.FilePermission "/usr/lib/punksearch/-", "read"; |
| 26 | ||
| 27 | // access to punksearch home | |
| 10 | 28 | permission java.io.FilePermission "/usr/share/punksearch/-", "read"; |
| 11 | permission java.io.FilePermission "/var/log/tomcat5.5/-", "read,write"; | |
| 29 | ||
| 30 | //permission java.io.FilePermission "/var/log/tomcat5.5/-", "read,write"; | |
| 31 | ||
| 32 | // access to own log directory | |
| 12 | 33 | permission java.io.FilePermission "/var/log/punksearch/-", "read,write"; |
| 13 | permission java.io.FilePermission "/var/lib/tomcat5.5/temp/-", "read,write"; | |
| 34 | ||
| 35 | // dump crawler status and temp crawling directories | |
| 36 | permission java.io.FilePermission "/var/lib/tomcat5.5/temp", "read"; | |
| 37 | permission java.io.FilePermission "/var/lib/tomcat5.5/temp/-", "read,write,delete"; | |
| 38 | ||
| 39 | // access to index directory and dump statistics (stats) | |
| 14 | 40 | permission java.io.FilePermission "/var/lib/punksearch/-", "read,write,delete"; |
| 41 | ||
| 42 | // access to common java libs | |
| 15 | 43 | permission java.io.FilePermission "/usr/share/java/-", "read"; |
| 44 | ||
| 45 | // connect to remote hosts to crawl | |
| 16 | 46 | permission java.net.SocketPermission "*:*", "connect,resolve"; |
| 47 | ||
| 48 | permission java.net.NetPermission "specifyStreamHandler"; | |
| 17 | 49 | }; |
| 18 | 50 | grant codeBase "file:/usr/lib/punksearch/-" { |
| 51 | // for System.getProperties() in admin's config.jsp | |
| 52 | permission java.util.PropertyPermission "*", "read,write"; | |
| 53 | ||
| 54 | // commons permissions | |
| 55 | permission java.util.PropertyPermission "java.*", "read"; | |
| 56 | ||
| 57 | // our own permissions | |
| 19 | 58 | permission java.util.PropertyPermission "org.punksearch.*", "read,write"; |
| 59 | ||
| 60 | // for lucene | |
| 20 | 61 | permission java.util.PropertyPermission "org.apache.lucene.*", "read"; |
| 62 | ||
| 63 | // for jcifs | |
| 21 | 64 | permission java.util.PropertyPermission "jcifs.*", "read,write"; |
| 22 | permission java.util.PropertyPermission "java.*", "read"; | |
| 65 | permission java.util.PropertyPermission "file.encoding", "read"; | |
| 66 | ||
| 67 | // for multithreaded crawling and online status | |
| 68 | permission java.lang.RuntimePermission "modifyThread"; | |
| 69 | ||
| 70 | // read configurations | |
| 23 | 71 | permission java.io.FilePermission "/etc/punksearch/-", "read"; |
| 72 | ||
| 73 | // read own jars | |
| 24 | 74 | permission java.io.FilePermission "/usr/lib/punksearch/-", "read"; |
| 75 | ||
| 76 | // access to punksearch home | |
| 25 | 77 | permission java.io.FilePermission "/usr/share/punksearch/-", "read"; |
| 26 | permission java.io.FilePermission "/var/log/tomcat5.5/-", "read,write"; | |
| 78 | ||
| 79 | //permission java.io.FilePermission "/var/log/tomcat5.5/-", "read,write"; | |
| 80 | ||
| 81 | // access to own log directory | |
| 27 | 82 | permission java.io.FilePermission "/var/log/punksearch/-", "read,write"; |
| 28 | permission java.io.FilePermission "/var/lib/tomcat5.5/temp/-", "read,write"; | |
| 83 | ||
| 84 | // dump crawler status and temp crawling directories | |
| 85 | permission java.io.FilePermission "/var/lib/tomcat5.5/temp", "read"; | |
| 86 | permission java.io.FilePermission "/var/lib/tomcat5.5/temp/-", "read,write,delete"; | |
| 87 | ||
| 88 | // access to index directory and dump statistics (stats) | |
| 29 | 89 | permission java.io.FilePermission "/var/lib/punksearch/-", "read,write,delete"; |
| 90 | ||
| 91 | // access to common java libs | |
| 30 | 92 | permission java.io.FilePermission "/usr/share/java/-", "read"; |
| 93 | ||
| 94 | // connect to remote hosts to crawl | |
| 31 | 95 | permission java.net.SocketPermission "*:*", "connect,resolve"; |
| 96 | ||
| 97 | permission java.net.NetPermission "specifyStreamHandler"; | |
| 32 | 98 | }; |
| 33 | 99 | grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" { |
| 34 | 100 | permission java.io.FilePermission "/usr/share/punksearch/web/WEB-INF/classes/logging.properties", "read"; |