Red Hat Bugzilla – Bug 114828
Files in /usr/share/java/webapps and /var/lib/ccm/ should owned by root instead of servlet
Last modified: 2007-04-18 13:02:28 EDT
Description of problem:
The installed template webapps from the RPM in /usr/share/java/webapps
are all owned and writable by the 'servlet' user & group. simiilarly
the files in /var/lib/ccm are owned and writable by the 'servlet' user
. All of these files should be owned by root to protect against
exploits in the servlet container, and bugs in our code which could
otherwise let remote users overwrite these files. This is critically
important since an exploit of this kind would allow execution of
arbitrary java code via a JSP.
In general, nothing except the 'work' directory should be owned /
writable by 'servlet'. We may have, however, have complications with
the 'themes' application, so possibly need a temporary hack to
application.xml to let an app specify that its webapp (or perhaps a
directory therein) is indeed owned & writable by 'servlet'.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
Can you be more specific on the requirements of the themes webapp? As
far as I know, p2fs is currently the only piece of code (except for
themes) that writes to the webapp root. The directory that it writes
to - $CCM_HOME/webapps/ROOT/packages/content-section/templates - is
chown'd to servlet.servlet by "ccm hostinit". We could do something
similar for the themes app.
@40037 & @40036 for the default case. Still need to deal with Themes app
Randy, can you provide a list of directories to which the themes
applications writes on disk?
The themes app does two things.
1. it writes to $CCM_HOME/webapps/ccm-ldn-theme/__ccm__/themes-dev/
and that directory will need to also have permissions so that users
can FTP or SCP to there. That permisssion can be manually set by the
sysadmin but the directory should not be owned by root.
2. it writes to $CCM_HOME/webapps/ccm-ldn-theme/__ccm__/themes-prod
which is created by the server at runtime and it not part of the
initial install. So you may want to look at it as it actually needs
to be able to create a directory under
$CCM_HOME/webapps/ccm-ldn-theme/__ccm__/ unless you want to alter the
themes app to ship with the empty directory or with a dummy file in
And, when I use $CCM_HOME above, that is what is used in my current
dev environment (/var/ccm-devel/web/randyg/aplaws). But, it should
really just be the location where the webapps are deployed.
@41134 I modifed the hostinit command to also change the owner of the
two themes directories Randy listed to the servlet user. Longer term,
we may want a more flexible solution, but this should work for now.
I have tested this out and after manually creating the themes-prod and
themes-dev directory and then running "ccm hostinit" the directories
were given the correct permissions. With change 41509 I have added
some placeholders so that the directories are automatically created so
that the "ccm hostinit" will actually have a directory to change. So,
after that change, I think that the solution works for the themes