[EMAIL PROTECTED] wrote:
> On 4 May 2002 [EMAIL PROTECTED] wrote:
>
>
>> Make the "/deploy" command recognize a "META-INF/context.xml" file embedded
>> inside the WAR, and process it as a context configuration file. This allows
>> deployment tool clients to customize the configuration of a webapp with
>> exactly the same degree of freedom as those that use the "/install" command,
>> with the added benefit of being able to deploy onto a Tomcat instance
>> running on a different server.
>>
>
> This is a very dangerous path... Having server-config info in the webapp
> is extremely dangerous, it may (easily) break the sandbox.
>
> Unless there's something I'm missing, context.xml will allow loading of
> valves and other modules that have access to the server internal objects.
> This is a huge security hole.
>
> Well, having the config files in webapps/ is dangerous too - IMHO
> all potentially dangerous configs should be in conf/, since webapps
> may be writtable to more groups. But this is far worse.
>
> At least add a check to disable this if a security manager is present.
>
>
I agree, I added a Host config flag called "deployXML" which can disable this
for context.xml files in the webapps dir. As long as this flag works for
/META-INF/context.xml we are covered.
Regards,
Glenn
----------------------------------------------------------------------
Glenn Nielsen [EMAIL PROTECTED] | /* Spelin donut madder |
MOREnet System Programming | * if iz ina coment. |
Missouri Research and Education Network | */ |
----------------------------------------------------------------------
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
