[05:30] <mgalvin> hey guys, does tomcat run on top of gcj/gij
[05:31] <mgalvin> if so will there be a tomcat package for breezy
[05:32] <jbailey> None of the Free VMs have a working security manager.
[05:32] <jbailey> So the problem is that it *could* work, but you don't have any of the usual safety guarantees of Java.
[05:34] <mgalvin> ah i c
[05:35] <mgalvin> thnx
[05:44] <wasabi_> that's not what's holding it back
[05:44] <wasabi_> We just need tomcat 5 packages.
[05:44] <wasabi_> it runs fine (- security manager)
[05:44] <wasabi_> tomcat4 makes use of com.sun classes which are not in free JVMs
[05:49] <mgalvin> wasabi_ are there plans for getting tomcat5 packages into breezy?
[05:51] <wasabi_> I doubt we'll make breezy.
[05:51] <wasabi_> In fact, we won't.
[05:51] <wasabi_> Probably breezy +1 though
[06:02] <jbailey> wasabi_: Well, I wasn't mentioning the state of the packaging so much as why you shouldn't do it even if you can right now.
[06:37] <wasabi_> ahh, the security manager really isn't that big of a deal except for ISVs
[06:38] <jbailey> How do you figure?
[06:38] <wasabi_> The security manager protects you from code you yourself choose to run.
[06:38] <wasabi_> So does running as another user.
[06:39] <wasabi_> Or... more than likely, you should run code you don't trust anywa.s
[06:39] <jbailey> Can tomcat easily run different apps as different users now?  Last I checked it was a big monolith.
[06:39] <wasabi_> Well, that is true.
[06:40] <wasabi_> But it's not something the security manager is going to help with, except in the case where you are running untrusted software
[06:40] <wasabi_> (ISV)
[06:40] <wasabi_> maybe I mean ASP instead.
[06:40] <wasabi_> (ASP)
[06:40] <jbailey> IT people shouodn't trust their vendor's software either.
[06:40] <wasabi_> I mean, php doesn't even have a CONCEPT of a security manager
[06:40] <wasabi_> and people get by fine with it
[06:40] <wasabi_> Or cgi.
[06:40] <jbailey> Well, you at least have safe_mode with php
[06:41] <mgalvin> oh, also what about the firefox java plugin? right now the sun jre 1.5 is required for that. is there an open source alt for this? if not will gjc/gij and jre co-exists peacefully?
[06:41] <jbailey> And most ISPs I know don't do cgi anymore because they got tired of getting hacked.
[06:41] <wasabi_> heh.
[06:41] <jbailey> mgalvin: gcjwebplugin - see above warnings.
[06:41] <wasabi_> yeah the security manager matters big time for the web plugin
[06:42] <mgalvin> thanks guys!
[06:43] <wasabi_> Don't get me wrong, I'm not trying to downplay the security maanger for tomcat.
[06:43] <wasabi_> It's just not what's holding us back from packaging it.
[06:43] <jbailey> Right.  We're talking different sides of the problem.
[06:43] <wasabi_> avdyk has tomcat 5 packages in experimental now I believe.
[06:43] <wasabi_> But they don't run.
[06:43] <wasabi_> They need some work.
[06:43] <jbailey> I haven't mentioned packages anywhere here. =)
[10:46] <wasabi_> https://wiki.ubuntu.com/EclipsePlatform
[10:46] <wasabi_> I need to relearn wiki formatting and stuff unfortunatly.
[10:47] <wasabi_> Just trying to shine some light on the pieces, where they live.
[10:47] <wasabi_> Eventually I will get packaging policy up
[10:47] <wasabi_> For plugins and other components.
[10:47] <jbailey> I spent a bit of time this morning and will spend more later looking at doing the jar splitting on ppc
[10:47] <wasabi_> Jar splitting?
[10:47] <wasabi_> Whatcha mean?
[10:47] <wasabi_> What needs to be split?
[10:56] <jbailey> To work around a ppc bug with gcj
[10:57] <jbailey> Their aot-compile-rpc will split the jars automatically for compiling on pppc
[10:57] <jbailey> s/rpc/rpm
[11:07] <wasabi_> what's wrong with it on ppc?
[11:07] <wasabi_> Is it just that one of the jars don't work on ppc?
[11:08] <wasabi_> Could just exclude it. I've done that to a few that don't work. No biggy.
[11:13] <jbailey> It's in your backlog on #gcj from a couple days ago.  There's a bug in gcc.
[11:13] <jbailey> One of the RTL passes doesn't do what it should do.