This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 8.5.x in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push: new 051f354 Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=55969 051f354 is described below commit 051f354871223dd5b0f72cf778852feb8fd45318 Author: Mark Thomas <ma...@apache.org> AuthorDate: Mon Jul 8 15:41:59 2019 +0100 Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=55969 Tighten security for the Windows installer. Update to Daemon 1.2.0. This changes the default user from "Local System" to "Local Service". Disable the shutdown port by default (service doesn't use it). Limit file permissions to local admins, "Local Service" and "Local System". --- build.properties.default | 14 +++++++------- res/tomcat.nsi | 18 +++++++++++++++++- webapps/docs/changelog.xml | 13 +++++++++++++ 3 files changed, 37 insertions(+), 8 deletions(-) diff --git a/build.properties.default b/build.properties.default index 0c5113a..78f9231 100644 --- a/build.properties.default +++ b/build.properties.default @@ -175,21 +175,21 @@ nsis.system.dll=${nsis.home}/Plugins/${nsis.arch.dir}System.dll nsis.nsdialogs.dll=${nsis.home}/Plugins/${nsis.arch.dir}nsDialogs.dll nsis.loc=${base-sf.loc}/nsis/nsis-${nsis.version}.zip -# ----- Commons Daemon, version 1.1.0 or later ----- -commons-daemon.version=1.1.0 +# ----- Commons Daemon, version 1.2.0 or later ----- +commons-daemon.version=1.2.0 -# checksum for commons-daemon-1.1.0-bin.tar.gz +# checksum for commons-daemon-1.2.0-bin.tar.gz commons-daemon.bin.checksum.enabled=true commons-daemon.bin.checksum.algorithm=SHA-512 -commons-daemon.bin.checksum.value=43c33e52e0be11e73370083500592ee9df0431c3166dbc7ed95794cabb462ac2a140e3eb4bbe2a0b99882bb93d9244ff534f13e4933c13e7a31a37e58e0c8e1d +commons-daemon.bin.checksum.value=81fbbd1115d735232bbcc426d958bd8fe149c97bfe96df1549a19332afd4954f3f75c3a693f214bfef065931a1d79c528dfb2cefb1bb3628d211e1761814c23b -# checksums for commons-daemon-1.1.0-native-src.tar.gz, commons-daemon-1.1.0-bin-windows.zip +# checksums for commons-daemon-1.1.0-native-src.tar.gz, commons-daemon-1.2.0-bin-windows.zip commons-daemon.native.src.checksum.enabled=true commons-daemon.native.src.checksum.algorithm=SHA-512 -commons-daemon.native.src.checksum.value=3443f1c95a4b267c4387a9ac7c79315422a51e896c0bcea48fbe959bc301094770aa8065b2388a84760a3e07e5d1753c2b351336fb2d3a8c996ee14d32088f6e +commons-daemon.native.src.checksum.value=c37f506b129b8a0efface6745dcc6d0d9d3e2663d28eca0df9903301f0b9b65fd8306e361935887fb459daf0a29da6fa63ea60f742ce4e497dc53a2a2d86db12 commons-daemon.native.win.checksum.enabled=true commons-daemon.native.win.checksum.algorithm=SHA-512 -commons-daemon.native.win.checksum.value=10cda04d9a44286cb67107fdb9d20958013f075cad4accba048801f3677765c334dc16f6901e1d2e4a9df5a2c702797370de63393568df6fceb9e7902421f9ea +commons-daemon.native.win.checksum.value=8b6e0bb4172861338e0cb3238f6da715c3cef04a88e8bfab0cbb487ef638aa69fd34de9407b0b2ed54451fbbcbff8a999324289052a581a5d07d6f6ff84a83b6 commons-daemon.home=${base.path}/commons-daemon-${commons-daemon.version} commons-daemon.jar=${commons-daemon.home}/commons-daemon-${commons-daemon.version}.jar diff --git a/res/tomcat.nsi b/res/tomcat.nsi index 8efe924..0175f12 100644 --- a/res/tomcat.nsi +++ b/res/tomcat.nsi @@ -364,6 +364,22 @@ Section -post WriteRegStr HKLM "Software\Microsoft\Windows\CurrentVersion\Uninstall\Apache Tomcat @VERSION_MAJOR_MINOR@ $TomcatServiceName" \ "UninstallString" "$\"$INSTDIR\Uninstall.exe$\" -ServiceName=$\"$TomcatServiceName$\"" + ; Configure file permissions + ; S-1-5-19 LocalService + ; S-1-5-32-544 Local Administrators group + ; S-1-5-18 Local System + nsExec::ExecToStack 'icacls "$INSTDIR" /inheritance:r /grant *S-1-5-19:(OI)(CI)(F) /grant *S-1-5-32-544:(OI)(CI)(F) /grant *S-1-5-18:(OI)(CI)(F)' + Pop $0 + Pop $1 + StrCmp $0 "0" SetPermissionsOk + FileWrite $ServiceInstallLog "Install failed (setting file permissions): $0 $1$\r$\n" + MessageBox MB_YESNO|MB_ICONSTOP \ + "Failed to set file permisisons.$\r$\nCheck your settings and permissions.$\r$\nIgnore and continue anyway (not recommended)?" \ + /SD IDNO IDYES SetPermissionsOk + Quit + SetPermissionsOk: + ClearErrors + SectionEnd !define ReadFromConfigIni "!insertmacro ReadFromConfigIni" @@ -412,7 +428,7 @@ Function .onInit ;Initialize default values StrCpy $JavaHome "" - StrCpy $TomcatPortShutdown "8005" + StrCpy $TomcatPortShutdown "-1" StrCpy $TomcatPortHttp "8080" StrCpy $TomcatPortAjp "8009" StrCpy $TomcatMenuEntriesEnable "0" diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index d9d75bc..437ef68 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -52,6 +52,19 @@ This allows Tomcat 8.5 to use the newer Checkstyle releases while still building with Java 7. (markt) </update> + <update> + Update to Commons Daemon 1.2.0. This changes the user configured by the + Windows installer for the Windows service from <code>Local System</code> + to the lower privileged <code>Local Service</code>. (markt) + </update> + <fix> + <bug>55969</bug>: Tighten up the security of the Apache Tomcat + installation created by the Windows installer. Change the default + shutdown port used by the Windows installer from <code>8005</code> to + <code>-1</code> (disabled). Limit access to the chosen installation + directory to local administrators, Local System and Local Service. + (markt) + </fix> </changelog> </subsection> </section> --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org