This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 051f354 Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=55969
051f354 is described below
commit 051f354871223dd5b0f72cf778852feb8fd45318
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Mon Jul 8 15:41:59 2019 +0100
Fix https://bz.apache.org/bugzilla/show_bug.cgi?id=55969
Tighten security for the Windows installer.
Update to Daemon 1.2.0. This changes the default user from "Local
System" to "Local Service".
Disable the shutdown port by default (service doesn't use it).
Limit file permissions to local admins, "Local Service" and "Local
System".
---
build.properties.default | 14 +++++++-------
res/tomcat.nsi | 18 +++++++++++++++++-
webapps/docs/changelog.xml | 13 +++++++++++++
3 files changed, 37 insertions(+), 8 deletions(-)
diff --git a/build.properties.default b/build.properties.default
index 0c5113a..78f9231 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -175,21 +175,21 @@
nsis.system.dll=${nsis.home}/Plugins/${nsis.arch.dir}System.dll
nsis.nsdialogs.dll=${nsis.home}/Plugins/${nsis.arch.dir}nsDialogs.dll
nsis.loc=${base-sf.loc}/nsis/nsis-${nsis.version}.zip
-# ----- Commons Daemon, version 1.1.0 or later -----
-commons-daemon.version=1.1.0
+# ----- Commons Daemon, version 1.2.0 or later -----
+commons-daemon.version=1.2.0
-# checksum for commons-daemon-1.1.0-bin.tar.gz
+# checksum for commons-daemon-1.2.0-bin.tar.gz
commons-daemon.bin.checksum.enabled=true
commons-daemon.bin.checksum.algorithm=SHA-512
-commons-daemon.bin.checksum.value=43c33e52e0be11e73370083500592ee9df0431c3166dbc7ed95794cabb462ac2a140e3eb4bbe2a0b99882bb93d9244ff534f13e4933c13e7a31a37e58e0c8e1d
+commons-daemon.bin.checksum.value=81fbbd1115d735232bbcc426d958bd8fe149c97bfe96df1549a19332afd4954f3f75c3a693f214bfef065931a1d79c528dfb2cefb1bb3628d211e1761814c23b
-# checksums for commons-daemon-1.1.0-native-src.tar.gz,
commons-daemon-1.1.0-bin-windows.zip
+# checksums for commons-daemon-1.1.0-native-src.tar.gz,
commons-daemon-1.2.0-bin-windows.zip
commons-daemon.native.src.checksum.enabled=true
commons-daemon.native.src.checksum.algorithm=SHA-512
-commons-daemon.native.src.checksum.value=3443f1c95a4b267c4387a9ac7c79315422a51e896c0bcea48fbe959bc301094770aa8065b2388a84760a3e07e5d1753c2b351336fb2d3a8c996ee14d32088f6e
+commons-daemon.native.src.checksum.value=c37f506b129b8a0efface6745dcc6d0d9d3e2663d28eca0df9903301f0b9b65fd8306e361935887fb459daf0a29da6fa63ea60f742ce4e497dc53a2a2d86db12
commons-daemon.native.win.checksum.enabled=true
commons-daemon.native.win.checksum.algorithm=SHA-512
-commons-daemon.native.win.checksum.value=10cda04d9a44286cb67107fdb9d20958013f075cad4accba048801f3677765c334dc16f6901e1d2e4a9df5a2c702797370de63393568df6fceb9e7902421f9ea
+commons-daemon.native.win.checksum.value=8b6e0bb4172861338e0cb3238f6da715c3cef04a88e8bfab0cbb487ef638aa69fd34de9407b0b2ed54451fbbcbff8a999324289052a581a5d07d6f6ff84a83b6
commons-daemon.home=${base.path}/commons-daemon-${commons-daemon.version}
commons-daemon.jar=${commons-daemon.home}/commons-daemon-${commons-daemon.version}.jar
diff --git a/res/tomcat.nsi b/res/tomcat.nsi
index 8efe924..0175f12 100644
--- a/res/tomcat.nsi
+++ b/res/tomcat.nsi
@@ -364,6 +364,22 @@ Section -post
WriteRegStr HKLM "Software\Microsoft\Windows\CurrentVersion\Uninstall\Apache
Tomcat @VERSION_MAJOR_MINOR@ $TomcatServiceName" \
"UninstallString" "$\"$INSTDIR\Uninstall.exe$\"
-ServiceName=$\"$TomcatServiceName$\""
+ ; Configure file permissions
+ ; S-1-5-19 LocalService
+ ; S-1-5-32-544 Local Administrators group
+ ; S-1-5-18 Local System
+ nsExec::ExecToStack 'icacls "$INSTDIR" /inheritance:r /grant
*S-1-5-19:(OI)(CI)(F) /grant *S-1-5-32-544:(OI)(CI)(F) /grant
*S-1-5-18:(OI)(CI)(F)'
+ Pop $0
+ Pop $1
+ StrCmp $0 "0" SetPermissionsOk
+ FileWrite $ServiceInstallLog "Install failed (setting file permissions):
$0 $1$\r$\n"
+ MessageBox MB_YESNO|MB_ICONSTOP \
+ "Failed to set file permisisons.$\r$\nCheck your settings and
permissions.$\r$\nIgnore and continue anyway (not recommended)?" \
+ /SD IDNO IDYES SetPermissionsOk
+ Quit
+ SetPermissionsOk:
+ ClearErrors
+
SectionEnd
!define ReadFromConfigIni "!insertmacro ReadFromConfigIni"
@@ -412,7 +428,7 @@ Function .onInit
;Initialize default values
StrCpy $JavaHome ""
- StrCpy $TomcatPortShutdown "8005"
+ StrCpy $TomcatPortShutdown "-1"
StrCpy $TomcatPortHttp "8080"
StrCpy $TomcatPortAjp "8009"
StrCpy $TomcatMenuEntriesEnable "0"
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index d9d75bc..437ef68 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -52,6 +52,19 @@
This allows Tomcat 8.5 to use the newer Checkstyle releases while still
building with Java 7. (markt)
</update>
+ <update>
+ Update to Commons Daemon 1.2.0. This changes the user configured by the
+ Windows installer for the Windows service from <code>Local
System</code>
+ to the lower privileged <code>Local Service</code>. (markt)
+ </update>
+ <fix>
+ <bug>55969</bug>: Tighten up the security of the Apache Tomcat
+ installation created by the Windows installer. Change the default
+ shutdown port used by the Windows installer from <code>8005</code> to
+ <code>-1</code> (disabled). Limit access to the chosen installation
+ directory to local administrators, Local System and Local Service.
+ (markt)
+ </fix>
</changelog>
</subsection>
</section>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
