Bug#833257: Bug#825786: tomcat8: postinst script overwrites file permissions in /etc

Emmanuel Bourg ebourg at apache.org
Thu Dec 1 08:36:25 UTC 2016


On Tue, 2 Aug 2016 11:06:56 +0200 Markus Koschany <apo at debian.org> wrote:

> Tomcat 8 should not write files into /etc/tomcat8/Catalina.

The fact that Tomcat is able to write to /etc/tomcat8/Catalina
contributed to the vulnerability described in #845393.

This directory is writable because Tomcat copies the context.xml files
of the web applications there. This is controlled by the copyXML
attribute of the Host element in server.xml, which is false by default. I
suspect this feature is rarely used, so we could simply make the
/etc/tomcat8/Catalina directory read-only for the tomcat8 user. That
would solve this bug and the #845393 vulnerability. If the administrator
wants to set copyXML to true, he will have to adjust the permissions of
the directory.

I observed that even when copyXML is false, Tomcat creates an empty
directory per virtualhost under /etc/tomcat8/Catalina (for example
/etc/tomcat8/Catalina/www.example.org). When I made
/etc/tomcat8/Catalina read-only, Tomcat didn't complain; no error was
reported in the logs.

Emmanuel Bourg
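
An audit of the two conditions discussed in the message above, added here as an example and not part of the original message or of the Debian packaging: whether the service user can write to the Catalina configuration directory, and whether any Host in server.xml enables copyXML. The function names are hypothetical, the /etc/tomcat8/server.xml path in the usage line is an assumption, and GNU stat and grep -o are assumed to be available.

```shell
#!/bin/sh
# Added example (not from the original message). Assumes GNU stat and grep -o.

# mode_grants_write UID "GIDS" OWNER_UID OWNER_GID MODE
# Succeeds if the classic Unix mode bits give UID write access.
# ACLs and root's permission override are deliberately ignored.
mode_grants_write() {
    uid=$1 gids=$2 o_uid=$3 o_gid=$4
    m=$((0$5))                      # stat prints the mode in octal
    if [ "$uid" -eq "$o_uid" ]; then
        [ $((m & 0200)) -ne 0 ]; return
    fi
    for g in $gids; do
        if [ "$g" -eq "$o_gid" ]; then
            [ $((m & 0020)) -ne 0 ]; return
        fi
    done
    [ $((m & 0002)) -ne 0 ]
}

# hosts_with_copyxml SERVER_XML
# Prints every <Host ...> tag that sets copyXML="true"; fails if there is none.
# Plain text matching only: a commented-out Host is reported too.
hosts_with_copyxml() {
    tr '\n' ' ' < "$1" | grep -o '<Host[^>]*>' |
        grep -E "copyXML[[:space:]]*=[[:space:]]*[\"']true[\"']"
}

# audit USER DIR SERVER_XML
# Returns non-zero when USER can write to DIR.
audit() {
    user=$1 dir=$2 xml=$3 rc=0
    set -- $(stat -c '%u %g %a' "$dir")
    if mode_grants_write "$(id -u "$user")" "$(id -G "$user")" "$1" "$2" "$3"; then
        echo "WARN: $dir is writable by $user"; rc=1
    fi
    if hosts_with_copyxml "$xml"; then
        echo "NOTE: the Host(s) above need a writable $dir for copyXML"
    fi
    return "$rc"
}

# Usage: sh audit.sh tomcat8 /etc/tomcat8/Catalina /etc/tomcat8/server.xml
if [ "$#" -eq 3 ]; then audit "$@"; fi
```

The check covers only the top-level directory; the per-virtualhost subdirectories mentioned above can be passed to audit one at a time.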


