Hi, would like to solve the following problem, any opinion is appreciated:
I have a bundle "apache - mod_jk - tomcat" working and virtual hosts properly configured, everything is nice, but with a few small issues. In addition to this configuration, each virtual host represents different users who don't trust each other.

1. As user1 I'm able to get to what's in the user2 home directory (if file exec perm is allowed). Here is how:

Tomcat is running with the security manager enabled. In catalina.policy add something like this:

    grant codeBase "file:/path/vhost1/-" {
        permission java.io.FilePermission "/path/vhost1/-", "read,write,delete,execute";
    };
    grant codeBase "file:/path/vhost2/-" {
        permission java.io.FilePermission "/path/vhost2/-", "read,write,delete,execute";
    };

This policy prevents opening anything that is outside of /path/vhostN, but it allows you to create a shell script and execute commands under the server uid, and because the uid is allowed to access any user directory you potentially can get something from there.

It's easy to solve: don't give users exec permission, but I would like to allow them to execute what they want somehow.

Question: is there a way, before executing an external process, to switch to a different uid (something similar to apache suexec, or perhaps something like uid per <host>)?

2. For each vhost a "/manager" context is created (inside <host name="vhost">) with its own users database and so on.
When one deploys his applications they belong to the server uid (files owner). From #1 it means that anyone who is able to execute a shell script and get into your directory can delete or alter your applications.

Question: is it possible to change the files' owner when you deploy an application or when it's auto deployed? (One way is chmod +s /path/user/webappsdir, but it allows the user to have more than readonly on apps files, it doesn't prevent cases described in #1.)

It's not dangerous when you don't give permission to execute external processes.

thanks
--alex
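
An added example, not part of the original post: a small Python check that parses catalina.policy-style grants and lists the code bases whose FilePermission includes "execute", the action the post identifies as letting a webapp run commands under the server uid. The vhost3 read-only grant and all function names are constructed for illustration; block comments in the policy file are not handled.

```python
import re

# Constructed sample: the two grants from the post plus a read-only one for contrast.
SAMPLE_POLICY = '''
grant codeBase "file:/path/vhost1/-" {
    permission java.io.FilePermission "/path/vhost1/-", "read,write,delete,execute";
};
grant codeBase "file:/path/vhost2/-" {
    permission java.io.FilePermission "/path/vhost2/-", "read,write,delete,execute";
};
grant codeBase "file:/path/vhost3/-" {
    permission java.io.FilePermission "/path/vhost3/-", "read";
};
'''

# Quoted strings are matched as units so "${catalina.home}" braces do not end a block.
GRANT_RE = re.compile(r'\bgrant\b((?:"[^"]*"|[^{"])*)\{((?:"[^"]*"|[^}"])*)\}')
CODEBASE_RE = re.compile(r'codeBase\s+"([^"]*)"')
PERM_RE = re.compile(r'permission\s+([\w.$]+)\s*(?:"([^"]*)")?\s*(?:,\s*"([^"]*)")?')

def strip_line_comments(text):
    # Only whole-line // comments, so "file://..." inside a string is untouched.
    return re.sub(r'^\s*//.*$', '', text, flags=re.M)

def exec_grants(policy_text):
    """Return (codeBase, target) pairs that allow launching external processes."""
    findings = []
    for header, body in GRANT_RE.findall(strip_line_comments(policy_text)):
        match = CODEBASE_RE.search(header)
        codebase = match.group(1) if match else "<all code>"
        for cls, target, actions in PERM_RE.findall(body):
            if cls == "java.security.AllPermission":
                # AllPermission implies every FilePermission, including execute.
                findings.append((codebase, "<AllPermission>"))
            elif cls == "java.io.FilePermission":
                granted = {a.strip().lower() for a in actions.split(",")}
                if "execute" in granted:
                    findings.append((codebase, target))
    return findings

if __name__ == "__main__":
    for codebase, target in exec_grants(SAMPLE_POLICY):
        print(f"{codebase}: may run processes as the server uid (target {target})")
```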