I should clarify. "Security" in this case means "a student should not be able to view the source code of another student." Because we are exporting the files but they still need to be accessible by Tomcat, each user directory is 570 tomcat:user and all files inside are world readable. This allows the files to be secure from the perspective of the filesystems on both the exporting and mounting machines but still be all readable by Tomcat.
However, another way a student could look at other files is by using a BufferedReader within a servlet/jsp and simply viewing/saving the contents. Since Tomcat is running as the tomcat user and not them, it has access to the files. This is something that the Tomcat security manager should take care of, enforcing the boundaries between the students' directories that all exist at the same logical level. I don't think Apache can make the distinction between the files that a servlet/jsp is opening in this instance if Tomcat has unrestricted access between all contexts. If I am wrong in this respect, please correct me. I would love a simple solution. (As far as the server.xml goes, I have it all scripted with the data coming from databases, so it's relatively easy to make a version of the file...) Pat Schaider On Mon, 2002-09-09 at 20:19, Nicholas Orr wrote: > Hi, > > Just a suggestion. > > Why not use Apache to take care of all the security? Ie have home > directories for each user and only the user has access to his/her home > directory, then apache can use a standard like http://localhost/~user and > everything is sepearate. It would be a lot easier to Administer. When you > delete or add new user they just have a webapps folder and it goes from > there. > Ie user/ > webapps/ > context1/ > index.jsp > WEB-INF/ > classes/ > home.class > lib/ > tools.jar > web.xml > > context2/ > index.jsp > WEB-INF/ > classes/ > cool.class > lib/ > goodstuff.jar > web.xml > > I don't know if that would work. It might need to to be reorganised. But a > system like this would be a lot better than administering a 500+ entry xml > file. > > Oh well some other people will have more of an idea if this is possible. I > know Apache can have the ~user bit and it just maps to home directories > under /home/usr/username. > > Nicholas Orr > > -----Original Message----- > From: Pat Schaider [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, 10 September 2002 4:08 PM > To: [EMAIL PROTECTED] > Subject: Tomcat scalability question > > > Hello all -- > > I have a configuration problem on my setup of Tomcat (v 4.0.3). I am > managing this machine for my university's CS department, so there are issues > of security that must be followed, namely that students should not be able > to view each others source code (== cheating). We are using the security > manager to enforce this (so one context cannot open files in another). > > Less than 5% of the pages on the system are static, so we are using Tomcat > in standalone mode on a Linux system. We have made contexts for each user > so that we can override the location of home directories, log files, etc. > Note that students do not have logins on this machine; their Tomcat-related > files are exported to student use machines. See the bottom of this email > for pertinent config info. > > The server starts up correctly (./startup.sh -security) and deploys and > serves the webapps fine. But here's the problem: when a user decides to > make a new jsp file, Tomcat cannot compile or process that new file. > The old files in the directory still display properly; Tomcat gives a > Permission Denied error citing the working directory version of the new file > in question. > > -> message > /usr/local/jakarta-tomcat-4.0.3/work/localhost/user/tomcat/webapps/jsp/grade > rFiles/graderC$jsp.java (Permission denied) > > Here's some site-specific config info that will be useful. Tomcat version: > 4.0.3 Standalone from binaries There are about 250 contexts that get loaded > when the server starts. A `ps aux` listing shows about 500 processes > associated with Tomcat running. The machine is a P3-800 with 512 MB of > memory, and does not have any other heavy services running on it, so Tomcat > has full run of the box. If you need more info for diagnosis, email me and > I will provide it. > > Does anyone have experience setting up a system along these lines? I > realize it's probably an extension of what Tomcat is supposed to be used for > with all the different contexts, but there has to be a way! Any help is > appreciated. > > server.xml without comments > =========================== > <Server port="8005" shutdown="SHUTDOWN" debug="0"> > <Service name="Tomcat-Standalone"> > <Connector > className="org.apache.catalina.connector.http.HttpConnector" > port="8080" minProcessors="5" maxProcessors="75" > enableLookups="true" redirectPort="8443" > acceptCount="10" debug="0" connectionTimeout="60000"/> > > <Engine name="Standalone" defaultHost="localhost" debug="0"> > > <Logger className="org.apache.catalina.logger.FileLogger" > prefix="catalina_log." suffix=".txt" > timestamp="true"/> > > <Host name="localhost" debug="0" appBase="webapps" > unpackWARs="true"> > > <!-- user1 --> > <Context path="/user1" docBase="/tomcat/user1" > debug="0" reloadable="true" crossContext="false"> > </Context> > <!-- user2 --> > <Context path="/user2" docBase="/tomcat/user2" > debug="0" reloadable="true" crossContext="false"> > </Context> > > </Host> > </Engine> > </Service> > </Server> > =========================== > > Thanks in advance for any help you can provide. Apologies for the lengthy > email. > > Pat Schaider > doctor {at} wt {dot} net > > -- > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED]> > > > ********************************************************************** > The information contained in this e-mail is confidential and is > intended only for the use of the addressee(s). > If you receive this e-mail in error, any use, distribution or > copying of this e-mail is not permitted. You are requested to > forward unwanted e-mail and address any problems to the > MIM Holdings Limited Support Centre. > > For general enquires: ++61 7 3833 8000 > Support Centre e-mail: [EMAIL PROTECTED] > Support Centre phone: Australia 1800500646 > International ++61 7 38338042 > ********************************************************************** > > > -- > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
