Message-ID: <3E49473D.1080607@apache.org>
Date: Tue, 11 Feb 2003 10:55:57 -0800
From: Amy Roh
To: Tomcat Developers List
Subject: Re: cvs commit: jakarta-tomcat-4.0/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/valve RemoteAddrValveForm.java RemoteHostValveForm.java ValveUtil.java

Remy Maucherat wrote:

> amyroh@apache.org wrote:
>
>> amyroh      2003/02/10 18:27:15
>>
>>   Modified:    webapps/admin build.xml
>>                webapps/admin/WEB-INF/classes/org/apache/webapp/admin
>>                         ApplicationResources_en.properties
>>                         ApplicationResources_es.properties
>>                webapps/admin/WEB-INF/classes/org/apache/webapp/admin/valve
>>                         RemoteAddrValveForm.java RemoteHostValveForm.java
>>                         ValveUtil.java
>>   Log:
>>   Add validation for RemoteAddrValve and RemoteHostValve to prevent
>>   installing a filter that prevents the admin's own access.
>
> I don't understand what this does over the standard remote host/addr
> valves.
> If the maintainer of server.xml wishes to deny access to the "admin",
> then he has the right to do so IMO. I don't agree with forcing the
> localhost to have access, essentially. I may have an idea of where this
> new "feature" is coming from ;-)

If the maintainer of server.xml or tomcat wishes to deny access to the
"admin", he can surely do so by editing server.xml, and is recommended to
do so if that's what he desires. This patch doesn't prevent that
availability.

This patch only adds validation in admin to prevent the admin from
crashing, because if a user who doesn't have a good idea of how these
filters work creates filters that deny access to his own admin while
running admin, it will cause the whole admin to crash. Just try adding
these valves with the deny attribute "127.0.0.1"; the whole admin will
crash before this patch.

Again, this is just a validation of inputs that will have admin continue
to work, instead of limiting these filters' usage. Also note that you can
still create these filters to prevent admin access from IP addresses or
hosts other than admin's own IP and host.

Amy

> I'll have to veto this patch unless there is a real justification for
> it, other than (apparently) imaginary usability concerns (I will not
> integrate this patch in 4.1.20).
>
> Remy

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
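
The self-lockout check debated in this thread, sketched as an added example; it is not the committed ValveUtil.java code, which the message does not show. The class and method names are hypothetical, and it assumes that allow/deny are comma-separated regular expressions matched against the whole address with java.util.regex, and that a deny match always wins.

```java
import java.util.regex.Pattern;
import java.util.regex.PatternSyntaxException;

// Added illustration only; class and method names are hypothetical.
public class SelfLockoutCheck {

    // True if any pattern in a comma-separated list matches the whole address.
    static boolean matchesAny(String patterns, String addr) {
        if (patterns == null) return false;
        for (String p : patterns.split(",")) {
            p = p.trim();
            if (!p.isEmpty() && Pattern.matches(p, addr)) return true;
        }
        return false;
    }

    // Assumed semantics: a deny match always blocks; when an allow list
    // is present, an address that matches none of it is blocked too.
    static boolean wouldBlock(String allow, String deny, String addr) {
        if (matchesAny(deny, addr)) return true;
        boolean hasAllow = allow != null && !allow.trim().isEmpty();
        return hasAllow && !matchesAny(allow, addr);
    }

    // Returns a form error message, or null when the filter may be saved.
    static String validate(String allow, String deny, String requesterAddr) {
        try {
            if (wouldBlock(allow, deny, requesterAddr)) {
                return "filter would block " + requesterAddr + ", the address you are using now";
            }
            return null;
        } catch (PatternSyntaxException e) {
            return "invalid pattern: " + e.getDescription();
        }
    }

    public static void main(String[] args) {
        String me = "127.0.0.1"; // constructed: address of the current admin request
        String[][] cases = {     // constructed {allow, deny} inputs
            {"", "127.0.0.1"},        // the case from the thread: rejected
            {"192\\.168\\..*", ""},   // allow list that omits the requester: rejected
            {"", "10\\..*"},          // denies other addresses only: accepted
            {"", "127.("},            // malformed pattern: rejected
        };
        for (String[] c : cases) {
            String err = validate(c[0], c[1], me);
            System.out.println("allow=[" + c[0] + "] deny=[" + c[1] + "] -> " + (err == null ? "ok" : err));
        }
    }
}
```

The check only refuses input submitted through the form; a filter written directly into server.xml is outside it, which is the distinction Amy's reply draws.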