tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Glenn Nielsen <gl...@voyager.apg.more.net>
Subject Re: tomcat.policy limitation?
Date Sat, 21 Jul 2001 14:32:17 GMT
Joe Flowers wrote:
> 
> I am trying to grant a servlet in the
> "/usr/tomcat/jakarta-tomcat-3.2.2/webapps/ROOT/WEB-INF/classes/joe/"
> directory write permissions to the "/test.txt" file.
> 
> //---------------------------------------------------------------------------
> 
> The following code snippet from my tomcat.policy file seems to work
> correctly;
> I can write to the "/test.txt" file just fine with my servlet.
> 
> grant codeBase "file:/usr/tomcat/jakarta-tomcat-3.2.2/webapps/ROOT/-" {
>   permission java.io.FilePermission "/test.txt", "write";
> };
> 

Just a quick note, you may already know this, but the FilePermission path
is not Context relative.  So in the above, you were granting permission to
write to the root "/" of the file partition. Use:

permission java.io.FilePermission "${tomcat.home}/webapps/ROOT/test.txt", "write";

if you want to write a file into the root of the ROOT context directory.

> //---------------------------------------------------------------------------
> 
> BUT, the following code snippet does NOT work correctly.
> 
> grant codeBase
> "file:/usr/tomcat/jakarta-tomcat-3.2.2/webapps/ROOT/WEB-INF/-" {
>   permission java.io.FilePermission "/test.txt", "write";
> };
> 

Tomcat 3.x only allows one set of permissions for an entire Context,
configured for the web application root, as in your first example.
You can not set different permissions for jar's located in WEB-INF/lib
or to class files in WEB-INF/classes.

The Tomcat 4 Java SecurityManager implementation is more sophisticated.
It does allow you to grant different permissions for different CodeBase's
within a single web applicaiton.

> I get the following error message :-((
> 
> Error: 500
> Location: /servlet/joe.joe1
> Internal Servlet Error:
> java.security.AccessControlException: access denied
> (java.io.FilePermission /test.txt write)
>         at
> java.security.AccessControlContext.checkPermission(AccessControlContext.java:272)
>         at
> java.security.AccessController.checkPermission(AccessController.java:399)
>         at
> java.lang.SecurityManager.checkPermission(SecurityManager.java:545)
>         at
> java.lang.SecurityManager.checkWrite(SecurityManager.java:978)
>         at java.io.FileOutputStream.(FileOutputStream.java:96)
>         at java.io.FileWriter.(FileWriter.java:52)
>         at joe.joe1.doGet(joe1.java:64)
> ...
> etc.
> //---------------------------------------------------------------------------
> 
> What the heck?!?!
> 
> Anyone have any ideas for me to try?
> 
> I want to create a bunch of user/programmer subdirectories like
> 
> "/usr/tomcat/jakarta-tomcat-3.2.2/webapps/ROOT/WEB-INF/classes/joe/"
> "/usr/tomcat/jakarta-tomcat-3.2.2/webapps/ROOT/WEB-INF/classes/tom/"
> "/usr/tomcat/jakarta-tomcat-3.2.2/webapps/ROOT/WEB-INF/classes/henry/"
> etc.
> 
> so that I can grant all servlets in these directories and subdirectories
> read/write access to their own separate directory structure so they
> won't be able to write over anyone elses files, including the "system"
> files, of course.
> 

The above isn't possible with the Java SecurityManager.
A permission is granted to a CodeBase, all classes in WEB-INF have the
same CodeBase.

What I would recommend is that the developers setup Tomcat on their local
desktop systems for doing development work, and leave the server for
combined testing.  We do this where I work by using CVS repositories
and setting up Ant to build the applicaiton.

> This is a wierd one.
> 
> Thanks for any help!
> 
> Joe

-- 
----------------------------------------------------------------------
Glenn Nielsen             glenn@more.net | /* Spelin donut madder    |
MOREnet System Programming               |  * if iz ina coment.      |
Missouri Research and Education Network  |  */                       |
----------------------------------------------------------------------

Mime
View raw message