tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Craig R. McClanahan" <craig...@apache.org>
Subject Re: security and a servlet using core catalina classes
Date Thu, 10 May 2001 00:21:41 GMT


On 9 May 2001, Fabien Le Floc'h wrote:

> Thanks for your answer,
> 
> I decided to put my servlet in the catalina hierarchy (on my personal
> computer). When it will be more advanced, I could even propose it as a
> contribution to catalina.
> 

Any hints on what it actually does?

> But I think would have been possible to bypass the "security" by just
> using reflection to call the core methods.
> 

Doing this would mean making it possible for an end user servlet to do
nasty things like shut down the server, or snoop the sessions of some
other web app.  Once you have access to the server's internals, there is
basically no method you would not be able to call.

In addition, the current Catalina architecture conforms to a suggested
behavior in the Servlet 2.3 PFD2 Specification (Section 9.7.2):

    "The classloader that a container uses to load a servlet in
    a WAR must not allow the WAR to override J2SE or Java servlet
    API classes.  It is futher recommended that the loader not
    allow servlets in the WAR access to the web container's
    implementation classes.

> Regards,
> 
> Fabien
> 

Craig



Mime
View raw message