Re: [SECURITY] [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities

After upgrading to 5.5.25, I also got:
Caused by: java.security.AccessControlException: access denied (java.io.FilePermission ...webapps/.../WEB-INF/classes/logging.properties read)

I found that it was because the file didn't exist (5.5.20 worked without it).

Hope this helps you solve the problem.


ps: I tried creating an empty logging.properties file (not knowing if this would break logging). It got me further, but I don't think it is the right thing to do.