[jira] [Commented] (KARAF-798) Support for relocating karaf.history file

Wed, 07 Sep 2011 09:17:35 -0700 

    [ 
https://issues.apache.org/jira/browse/KARAF-798?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13099069#comment-13099069
 ] 

Glen Mazza commented on KARAF-798:
----------------------------------

-Dkaraf.history.location as described looks fine.  My only concern was that 
command taking an already existing karaf history file and relocating its 
contents to a different folder with different security permissions.  That would 
be a security hole if the karaf history file potentially could have sensitive 
information within it, such as usernames and passwords in any type of "create 
user" command.  But nobody here is proposing that.

Granted, the new -Dkaraf.history.location might be (potentially incorrectly) 
world-readable, but that wouldn't be karaf's fault but just that of a careless 
system administrator.  As you write, that's the responsibility of the user.



> Support for relocating karaf.history file
> -----------------------------------------
>
>                 Key: KARAF-798
>                 URL: https://issues.apache.org/jira/browse/KARAF-798
>             Project: Karaf
>          Issue Type: New Feature
>          Components: karaf-shell
>            Reporter: Troy Waldrep
>
> We have a servicemix-based product that has to perform a setuid to a 
> lower-privileged user while running on linux.  We've accounted for most 
> permissions-based issues that result from doing this by ensuring that the 
> lower-privileged user has write access to the necessary files under the data 
> directory.
> Unfortunately, we can't do this with karaf.history since it is written to the 
> home directory of the user that started the stack (root in this case).  The 
> lower-privileged usually doesn't have *any* visibility into this directory, 
> let alone write privileges.  If a configuration option was provided to 
> specify the location of the karaf.history file (or the option to not even 
> write or expect to find one), then we could treat this file like any other.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to