tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Remy Maucherat" <>
Subject Re: [PROPOSAL] Tomcat 4.1 Security Changes
Date Mon, 26 Nov 2001 17:28:08 GMT
> Remy Maucherat wrote:

> > If you give the appropriate permissions to allow SSI and CGI, you're
> > actually giving AllPermissions anyway (since you're allowing a native
> > or executable to run, which is not constrained by the Java sandbox), so
> > missing the point here.
> >
> Yes, once control is handed over to a native executable from the CGI
> all sandbox protections are lost.
> But perhaps the Tomcat admin only wants to allow the user to execute
specific CGI
> scripts which are known to be secure and can not be modified. By
configuring a
> policy for the CGI servlet the admin can restrict what CGI scripts can be
> read and executed using a FilePermission.

Yes, you could do that. That's still quite risky (any vulnerability in the
script itself, and your server is compromised).

> > This seems reasonable.
> > (Of course, it's going to break all the scripts yet again ;-))
> Which scripts?

- The Catalina scripts (obviously)
- The installer scripts
- My Slide build script

But it's ok, really. It's not like it's the first time or the last time it
happens ;-)
You can do the updates to the Catalina scripts, and I'll do the rest.


To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message