9.1 Starting Tomcat with Security Manager

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version


Configure applications to run in a sandbox using the Security Manager. The Security Manager restricts what classes Tomcat can access thus protecting your server from mistakes, Trojans, and malicious code.


By running Tomcat with the Security Manager, applications are run in a sandbox which can prevent untrusted code from accessing files on the file system.


The security policies implemented by the Java SecurityManager are configured in the $CATALINA_HOME/conf/catalina.policy file. Once you have configured the catalina.policy file for use with a SecurityManager, Tomcat can be started with a SecurityManager in place by using the -security option:
On Unix:

$ $CATALINA_HOME/bin/catalina.sh start -security

On Windows:

C:> %CATALINA_HOME%bincatalina start -security

Default Value:

By default the -security option is not utilized.

See Also