Configure applications to run in a sandbox using the Security Manager. The Security Manager restricts what classes Tomcat can access thus protecting your server from mistakes, Trojans, and malicious code. Rationale: By running Tomcat with the Security Manager, applications are run in a sandbox which can prevent untrusted code from accessing files on the file system.
Solution
The security policies implemented by the Java SecurityManager are configured in the $CATALINA_HOME/conf/catalina.policy file. Once you have configured the catalina.policy file for use with a SecurityManager, Tomcat can be started with a SecurityManager in place by using the -security option: On Unix: $ $CATALINA_HOME/bin/catalina.sh start -security On Windows: C:> %CATALINA_HOME%bincatalina start -security Default Value: By default the -security option is not utilized.