I wasn't sure if I should post this here or in another forum. I am not actively developing JForum but recently installed it on Tomcat with the security manager active. I took about a half day to create the security policy by granting appropriate access as access errors were generated.
One access error is on the
servlet initialization freemarker is trying to read /root. I did not grant this permission and it seems to run OK, I just get the error in my log each time the Servlet is initializing (reboot Tomcat). I am running Tomcat as a non-root user with jsvc. The stack trace is below. I'm not sure why the Servlet init would try to read from /root. By this time Tomcat is already running as the non-root user. The jforum application log also has an error for the access denied which is in the second code section.
This is probably not an issue. I looked at the freemarker javadocs but I have not looked at the JForum code. I am not familiar with freemarker but it appears this is happening when the template cache is being initialized and it is probably using the /root directory by default. My apologies in advance if this is a false alarm but I thought it was worth bringing up to get others opinions.
[originally posted on jforum.net by parisila]