Bug 114828 - Files in /usr/share/java/webapps and /var/lib/ccm/ should owned by root instead of servlet
Summary: Files in /usr/share/java/webapps and /var/lib/ccm/ should owned by root inste...
Alias: None
Product: Red Hat Web Application Framework
Classification: Retired
Component: installation   
(Show other bugs)
Version: nightly
Hardware: All Linux
Target Milestone: ---
Assignee: Dennis Gregorovic
QA Contact: Jon Orris
Depends On:
Blocks: 113496
TreeView+ depends on / blocked
Reported: 2004-02-03 10:58 UTC by Daniel Berrange
Modified: 2007-04-18 17:02 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2004-04-06 15:21:22 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description Daniel Berrange 2004-02-03 10:58:00 UTC
Description of problem:
The installed template webapps from the RPM in /usr/share/java/webapps
are all owned and writable by the 'servlet' user & group. simiilarly
the files in /var/lib/ccm are owned and writable by the 'servlet' user
. All of these files should be owned by root to protect against
exploits in the servlet container, and bugs in our code which could
otherwise let remote users overwrite these files. This is critically
important since an exploit of this kind would allow execution of
arbitrary java code via a JSP. 

In general, nothing except the 'work' directory should be owned /
writable by 'servlet'. We may have, however, have complications with
the 'themes' application, so possibly need a temporary hack to
application.xml to let an app specify that its webapp (or perhaps a
directory therein) is indeed owned & writable by 'servlet'.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
Actual results:

Expected results:

Additional info:

Comment 1 Dennis Gregorovic 2004-02-04 04:00:13 UTC
Can you be more specific on the requirements of the themes webapp?  As
far as I know, p2fs is currently the only piece of code (except for
themes) that writes to the webapp root.  The directory that it writes
to - $CCM_HOME/webapps/ROOT/packages/content-section/templates - is
chown'd  to servlet.servlet by "ccm hostinit".  We could do something
similar for the themes app.

Comment 2 Dennis Gregorovic 2004-02-04 06:34:51 UTC
@40037 & @40036  for the default case.  Still need to deal with Themes app

Comment 3 Dennis Gregorovic 2004-03-01 07:11:52 UTC
Randy, can you provide a list of directories to which the themes
applications writes on disk?

Comment 4 Randy Graebner 2004-03-01 13:35:46 UTC
The themes app does two things.
1. it writes to $CCM_HOME/webapps/ccm-ldn-theme/__ccm__/themes-dev/
and that directory will need to also have permissions so that users
can FTP or SCP to there.  That permisssion can be manually set by the
sysadmin but the directory should not be owned by root.

2. it writes to $CCM_HOME/webapps/ccm-ldn-theme/__ccm__/themes-prod
which is created by the server at runtime and it not part of the
initial install.  So you may want to look at it as it actually needs
to be able to create a directory under
$CCM_HOME/webapps/ccm-ldn-theme/__ccm__/ unless you want to alter the
themes app to ship with the empty directory or with a dummy file in
the directory.

And, when I use $CCM_HOME above, that is what is used in my current
dev environment (/var/ccm-devel/web/randyg/aplaws).  But, it should
really just be the location where the webapps are deployed.

Comment 5 Dennis Gregorovic 2004-03-08 18:21:19 UTC
@41134 I modifed the hostinit command to also change the owner of the
two themes directories Randy listed to the servlet user.  Longer term,
we may want a more flexible solution, but this should work for now.

Comment 6 Randy Graebner 2004-03-18 21:21:42 UTC
I have tested this out and after manually creating the themes-prod and
themes-dev directory and then running "ccm hostinit" the directories
were given the correct permissions.  With change 41509 I have added
some placeholders so that the directories are automatically created so
that the "ccm hostinit" will actually have a directory to change.  So,
after that change, I think that the solution works for the themes

Note You need to log in before you can comment on or make changes to this bug.