/etc/jetty8/policy/temp-dirs.policy is in jetty8 8.1.19-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 | // This file contains permissions for various temporary directories that
// jetty might operate under.
//
// Careful auditing of this file is recommended for your particular use case
//
// the tmp directory is where webapps are unpacked by default so setup their restricted permissions
//
grant codeBase "file:${java.io.tmpdir}${/}" {
permission java.io.FilePermission "${jetty.home}${/}webapps${/}-", "read"; // Ought to go up a specific codebases
permission java.io.FilePermission "${java.io.tmpdir}${/}-", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.util.log.class", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.util.log.IGNORED", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.util.log.stderr.DEBUG", "read";
};
//
// some operating systems have tmp as a symbolic link to /private/tmp
//
grant codeBase "file:/private${java.io.tmpdir}${/}-" {
permission java.io.FilePermission "${jetty.home}${/}webapps${/}-", "read"; // Ought to go up a specific codebase
permission java.io.FilePermission "/private/${java.io.tmpdir}${/}-", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.util.log.class", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.util.log.stderr.DEBUG", "read";
permission java.util.PropertyPermission "org.eclipse.jetty.util.log.IGNORED", "read";
};
|