tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paul Speed <psp...@progeeks.com>
Subject [PATCH] SSI Security
Date Thu, 29 Nov 2001 08:30:21 GMT
As promissed...

I've attached my patches to allow the "exec" directive to be enabled
or disabled (disabled by default).  The extra safety check I've built
in isn't really necessary, but it causes no harm and may prevent some
accidental foot-shootings in the future.

ssi-exec.patch is a diff -u from the catalina/src directory.  (We'll
see if the attachment actually works to the list since I've had 
problems with that before.)

Left up to discussion is the vulnerability of the jar file itself.
I contend that since the jar is in the server/lib class loader that
it is perfectly safe.  Indeed, when I played with moving it into 
shared it resulted in broken dependencies with at least one class 
in server/lib.

If it is not safe then it brings up a larger issue since all 
server/lib class have AllPermission and can therefore do whatever
they want.  If these classes are exploitable by webapps then it seems
to me that security should be set more fine grained (including not
allowing file execute for any file).  Otherwise, there's always risk
that some backdoor will be left open.

-Paul
Mime
View raw message