Re: Access denied... to /tmp !?
On Monday 02 Dec 2002 5:01 pm, Jeanfrancois Arcand wrote: That's the proper behaviour. By default, a web application is only able to read under the context under which it was deployed. If you want to grant access to the /tmp !*be carefull*!, add the following in your catalina.policy file: grant codeBase file:${catalina.home}/webapps/your context/- { permission java.io.FilePermission /tmp, read; }; OK, this raises another issue. The problem arose because my servlet makes use of the maybeupload package URL: http://www.weft.co.uk/library/maybeupload/ which I wrote and maintain, but which is also used in a number of other people's code including Cocoon 2, so it's moderately important that it doesn't do stupid things. MaybeUploadServlet checks in it's init method that it's upload directory exists and is writable: uploadDir = new File( uploadDirPath); if ( ! uploadDir.isDirectory() || ! uploadDir.canWrite()) throw new UnavailableException( Cannot write to upload directory + uploadDirPath); UploadDirPath is a runtime configurable parameter, expected to be picked up from the web.xml: uploadDirPath = getStringParameterValue( upload_dir_path, config, uploadDirPath); However, if no value is specified in the web.xml, then currently the hard-coded default is /tmp; the thinking being this is it's usually a safe place to write stuff. Clearly, though, as you point out, this is the wrong thing to do. The obvious solution is to alter MaybeUploadServlet so that if no upload_dir_path is specified in the web.xml, to switch off the upload facility altogether, possibly appending a warning to the log. However I don't know who else's code this will hurt (and, indeed, it's interesting that I haven't had anyone else report this to me as a bug). Could anyone suggest a means of getting a 'safe' directory path for UploadDirPath to default to, or should I go for the 'switch off' behaviour? Cheers Simon -- [EMAIL PROTECTED] (Simon Brooke) http://www.jasmine.org.uk/~simon/ ;; making jokes about dyslexia isn't big, it isn't clever and ;; it isn't furry. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Access denied... to /tmp !?
Hi, However, if no value is specified in the web.xml, then currently the hard-coded default is /tmp; the thinking being this is it's usually a safe place to write stuff. How about, if no value is specified in web.xml, use javax.servlet.context.tempdir? That's always available as if it were specified as a context parameter in web.xml. Yoav Shapira Millennium ChemInformatics -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: Access denied... to /tmp !?
Simon Brooke wrote: On Monday 02 Dec 2002 5:01 pm, Jeanfrancois Arcand wrote: That's the proper behaviour. By default, a web application is only able to read under the context under which it was deployed. If you want to grant access to the /tmp !*be carefull*!, add the following in your catalina.policy file: grant codeBase file:${catalina.home}/webapps/your context/- { permission java.io.FilePermission /tmp, read; }; OK, this raises another issue. The problem arose because my servlet makes use of the maybeupload package URL: http://www.weft.co.uk/library/maybeupload/ which I wrote and maintain, but which is also used in a number of other people's code including Cocoon 2, so it's moderately important that it doesn't do stupid things. MaybeUploadServlet checks in it's init method that it's upload directory exists and is writable: uploadDir = new File( uploadDirPath); if ( ! uploadDir.isDirectory() || ! uploadDir.canWrite()) throw new UnavailableException( Cannot write to upload directory + uploadDirPath); UploadDirPath is a runtime configurable parameter, expected to be picked up from the web.xml: uploadDirPath = getStringParameterValue( upload_dir_path, config, uploadDirPath); However, if no value is specified in the web.xml, then currently the hard-coded default is /tmp; the thinking being this is it's usually a safe place to write stuff. Clearly, though, as you point out, this is the wrong thing to do. The obvious solution is to alter MaybeUploadServlet so that if no upload_dir_path is specified in the web.xml, to switch off the upload facility altogether, possibly appending a warning to the log. However I don't know who else's code this will hurt (and, indeed, it's interesting that I haven't had anyone else report this to me as a bug). Because they probably runs Tomcat without the security manager, so they can read/write from any context :-) Could anyone suggest a means of getting a 'safe' directory path for UploadDirPath to default to, or should I go for the 'switch off' behaviour? Have you try the solution proposed by Yoav? This is probably the best solution if you want a tmp directory for each web-app. If you only want 1 directory, then the /tmp is fine (but works only on Unix). -- Jeanfrancois Cheers Simon
Re: Access denied... to /tmp !?
That's the proper behaviour. By default, a web application is only able to read under the context under which it was deployed. If you want to grant access to the /tmp !*be carefull*!, add the following in your catalina.policy file: grant codeBase file:${catalina.home}/webapps/your context/- { permission java.io.FilePermission /tmp, read; }; -- Jeanfrancois Simon Brooke wrote: Hi I've been running things under various versions of Tomcat for a long time now, but it's always been Tomcats I've compiled and installed myself. Now I'm trying to get things running with the version of Tomcat which is packaged in the Debian package 'tomcat4 4.0.3-3woody1'. The tomcat install works, and I can install my webapp OK, and tomcat serves static pages out of my webapp just fine. But when I try to access a Servlet, I get Apache Tomcat/4.0.3 - HTTP Status 500 - Internal Server Error type Exception report message Internal Server Error description The server encountered an internal error (Internal Server Error) that prevented it from fulfilling this request. exception javax.servlet.ServletException: Servlet.init() for servlet items threw exception at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:935 ) ... usual stuf... root cause java.security.AccessControlException: access denied (java.io.FilePermission /tmp read) at java.security.AccessControlContext.checkPermission(AccessControlContext.java( Compiled Code)) Now if I understand what's going on there, the servlet is falling over because it can't read /tmp... What I want to know is where this security policy is set? -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: Access denied... to /tmp !?
Howdy, Mr. Arcand already answered, but I wanted to add something: you can use the directory indicated by context property javax.servlet.context.tempdir as your temporary directory, rather than hard-coding /tmp. See the servlet spec, section 3.7.1, for details. Yoav Shapira Millennium ChemInformatics -Original Message- From: Simon Brooke [mailto:[EMAIL PROTECTED]] Sent: Monday, December 02, 2002 11:40 AM To: 'Tomcat Users List' Subject: Access denied... to /tmp !? Hi I've been running things under various versions of Tomcat for a long time now, but it's always been Tomcats I've compiled and installed myself. Now I'm trying to get things running with the version of Tomcat which is packaged in the Debian package 'tomcat4 4.0.3-3woody1'. The tomcat install works, and I can install my webapp OK, and tomcat serves static pages out of my webapp just fine. But when I try to access a Servlet, I get Apache Tomcat/4.0.3 - HTTP Status 500 - Internal Server Error type Exception report message Internal Server Error description The server encountered an internal error (Internal Server Error) that prevented it from fulfilling this request. exception javax.servlet.ServletException: Servlet.init() for servlet items threw exception at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.ja va:9 35 ) ... usual stuf... root cause java.security.AccessControlException: access denied (java.io.FilePermission /tmp read) at java.security.AccessControlContext.checkPermission(AccessControlContext .jav a( Compiled Code)) Now if I understand what's going on there, the servlet is falling over because it can't read /tmp... What I want to know is where this security policy is set? -- [EMAIL PROTECTED] (Simon Brooke) http://www.jasmine.org.uk/~simon/ Error 1109: There is no message for this error -- To unsubscribe, e-mail: mailto:tomcat-user- [EMAIL PROTECTED] For additional commands, e-mail: mailto:tomcat-user- [EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]