tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 43983] New: - codeBase of a webapp changes if antiResourceLocking is active - Security policy fails
Date Wed, 28 Nov 2007 17:07:47 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=43983>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=43983

           Summary: codeBase of a webapp changes if antiResourceLocking is
                    active - Security policy fails
           Product: Tomcat 6
           Version: 6.0.14
          Platform: Sun
        OS/Version: Windows Vista
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Catalina
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: mail@markus-kiss.de


I'm using Tomcat 6.0.14 with the "security" option in order to assign different
permissions to several webapps running within the Tomcat security sandbox.
However, I've encountered the following effect when I activate the
antiResourceLocking flag in the context.xml file of my webapp:

As this flag causes the server to copy all the files of my webapp to the temp
directory at runtime, the codeBase for the webapp also changes - but the
SecurityManager doesn't recognise that it has changed. Consequently, the
permissions for the specific webapp that I defined in catalina.policy actually
don't apply and I get an "access denied" exception. I have searched the web, the
security FAQ and newsgroups for a hint or a workaround, but with no success.
Neither the Tomcat Users Mailing List could help. With the help of the
java.security.debug=all option I came to the workaround to simply set the
codeBase in the catalina.policy file to the new location within the temp directory:

grant codeBase "file:${catalina.home}/temp/1-foo/-" {
        /* list of assigned permissions */
};

With this workaround everything works fine. However, the numeric prefix (e.g.
"1-") of the webapp copied to the temp folder eventually changes, for instance
when I redeploy the webapp or when I clear the temp directory. As a result, I
always have to keep the catalina.policy file up-to-date with the current prefix
of the webapp, otherwise the permissions fail.

I ask myself if there is a more elegant way to fix this problem, maybe by an
internal mapping of the original codeBase of the webapp in
${catalina.home}/webapps/ to the ${catalina.home}/temp/ directory which then
would be transparent for the SecurityManager? 

If there's no easy way to fix it, at least a hint should be placed in the Tomcat
Security FAQ that if antiResourceLocking is active, the codeBase of the webapp
has to be adapted within the catalina.policy file.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message