cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paul Lamb <>
Subject RE: [PATCH] Cocoon 2 Relative Directory Fix
Date Tue, 18 Apr 2000 14:51:38 GMT
> Isn't this a bit more complex in actual reality??
Yes it is.

> You are bringing up a very important point, which is security 
> related. What
> resources should Cocoon be allowed to obtain outside the 
> Servlet context. How
> do we restrict the use of ../../../ to obtain system 
> information? How about
> symbolic links?
But I only see three options: 1) _all_ resource access has to go thru the
servlet engine; 2) resource access doesn't go thru the servlet engine at
all--requiring things like relative path support; or 3) a combo of both

I've been working on a few changes for 1.7.3 that would enable most resource
access to use the servlet engine. I've become convinced that there are
situations for doing a File(explicitFilename) from within a servlet based
code, but this should be a big exception and not the norm. Option 2 isn't
particularly great, since you loose a lot of fuctionality of the servlet

For a project I'm on right now, we're creating an abstraction for resources
that handles how to get to the actual resource. This ResourceAccessor is
really the public interface to the caching system. Outside the cache
manager, any File() or ServletContext.getResource() calls are strictly
forbidden. This concept is already started in cocoon but isn't consistantly
carried out.

Paul Lamb

View raw message