Konstantin,

On 7/13/2009 10:06 PM, Konstantin Kolinko wrote:
> See how allowLinking and caseSensitive options are implemented in
> StandardContext.

They are not implemented in StandardContext: they are implemented in
FileDirContext and therefore should only affect content being served by
the web server, not JAR files being loaded from the CLASSPATH.

Here is the full implementation of the FileDirContext.file(String)
method, for those too lazy to follow the link:

http://svn.apache.org/repos/asf/tomcat/tc6.0.x/tags/TOMCAT_6_0_20/java/org/apache/naming/resources/FileDirContext.java

    protected File file(String name) {

        File file = new File(base, name);
        if (file.exists() && file.canRead()) {

            if (allowLinking)
                return file;

            // Check that this file belongs to our root path
            String canPath = null;
            try {
                canPath = file.getCanonicalPath();
            } catch (IOException e) {
            }
            if (canPath == null)
                return null;

            // Check to see if going outside of the web application root
            if (!canPath.startsWith(absoluteBase)) {
                return null;
            }

            // Case sensitivity check
            if (caseSensitive) {
                String fileAbsPath = file.getAbsolutePath();
                if (fileAbsPath.endsWith("."))
                    fileAbsPath = fileAbsPath + "/";
                String absPath = normalize(fileAbsPath);
                if (canPath != null)
                    canPath = normalize(canPath);
                if ((absoluteBase.length() < absPath.length())
                    && (absoluteBase.length() < canPath.length())) {
                    absPath = absPath.substring(absoluteBase.length() + 1);
                    if ((canPath == null) || (absPath == null))
                        return null;
                    if (absPath.equals(""))
                        absPath = "/";
                    canPath = canPath.substring(absoluteBase.length() + 1);
                    if (canPath.equals(""))
                        canPath = "/";
                    if (!canPath.equals(absPath))
                        return null;
                }
            }

        } else {
            return null;
        }
        return file;

    }

So, from looking at this code, it appears that Java does not "know" the
difference between a symbolic link and a hard link: it just lets the
filesystem reveal the canonical path to the file (which is almost
certainly different from a symbolic link) and compares the original name
with the canonical name.
If they are different, a symlink is implied and therefore rejected.

Again, this appears to be only for static content loaded by code like
DefaultServlet, not a policy enforced by Tomcat across all file accesses.

-chris
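
The canonical-path comparison discussed in this message, as an added example that is not part of the original e-mail and is not Tomcat's code. The class CanonicalPathCheck, the method resolve and its strict flag are hypothetical names, the file tree is constructed in a temporary directory, and a POSIX filesystem that permits symbolic and hard links is assumed.

```java
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;

public class CanonicalPathCheck {

    // Simplified form of the check (hypothetical helper, not Tomcat's method):
    // resolve the canonical path, require it to stay under the base, and in
    // strict mode require it to equal the requested absolute path, which is
    // what exposes a symbolic link.
    static File resolve(File base, String name, boolean strict) throws IOException {
        File file = new File(base, name);
        if (!file.exists() || !file.canRead()) return null;
        Path canBase = base.getCanonicalFile().toPath();
        Path canPath = file.getCanonicalFile().toPath();
        // This example compares path components (Path.startsWith) instead of
        // string prefixes, so "/app-other" is never treated as under "/app".
        if (!canPath.startsWith(canBase)) return null;
        Path absPath = canBase.resolve(name).normalize();
        if (strict && !canPath.equals(absPath)) return null;
        return file;
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample tree: a web root plus one file outside it.
        Path root = Files.createTempDirectory("canon-demo");
        Path base = Files.createDirectory(root.resolve("webapp"));
        Path outside = Files.write(root.resolve("outside.txt"), "outside".getBytes());
        Path inside = Files.write(base.resolve("index.html"), "inside".getBytes());
        Files.createSymbolicLink(base.resolve("sym-out"), outside); // symlink leaving the root
        Files.createSymbolicLink(base.resolve("sym-in"), inside);   // symlink staying inside
        Files.createLink(base.resolve("hard-out"), outside);        // hard link to outside file

        String[] names = {"index.html", "sym-out", "sym-in", "hard-out", "../outside.txt"};
        for (String name : names) {
            System.out.printf("%-16s base-only=%-9s strict=%s%n", name,
                resolve(base.toFile(), name, false) != null ? "served" : "rejected",
                resolve(base.toFile(), name, true) != null ? "served" : "rejected");
        }
    }
}
```

A hard link's canonical path is its own path inside the base, so canonicalisation identifies symbolic links only; the hard link is served in both modes.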