chroot'ing Tomcat and the Brittain BadInputFilterValve

[Mark Petrovic <ms...@gmail.com>]

Good day.

After putting this off for too long, I finally got around to experimenting
with chroot'ing Tomcat.  My travails may help someone going through the same
process

http://www.petrovic.org/blog/?p=126

Same story for finally deploying the J. Brittain BadInputFilterValve under
Tomcat 5.5.12

http://www.petrovic.org/blog/?p=137

-- 
Mark

Re: chroot'ing Tomcat and the Brittain BadInputFilterValve

[Mark Petrovic <ms...@gmail.com>]

Good day.

Regarding the chroot  jail account below, in "Update 5/13/2006"

http://www.petrovic.org/blog/?p=126

I have included a shell script that automates the creation of the jail and
the placing of Tomcat and Java in it.  It may be useful for first-time
creation of the jail and in the event of backup/recovery.

Tuning for your system will almost certainly be required, but I have refined
it to the point where I can do

$ sh makeChroot
$ /etc/init.d/tomcat start

The script assumes the binary distributions of Tomcat and the Java binary
installer in the directory from which it is executed.

Note that the script creates a conf/server.xml that is essentially the
default, but with comments pruned for easy viewing.  It also creates
conf/tomcat-users.xml and /etc/init.d/tomcat.

Hopefully this will help someone working on this problem.

On 5/11/06, Mark Petrovic <ms...@gmail.com> wrote:
>
> Good day.
>
> After putting this off for too long, I finally got around to experimenting
> with chroot'ing Tomcat.  My travails may help someone going through the same
> process
>
> http://www.petrovic.org/blog/?p=126
>
> Same story for finally deploying the J. Brittain BadInputFilterValve under
> Tomcat 5.5.12
>
> http://www.petrovic.org/blog/?p=137
>
> --
> Mark
>



-- 
Mark
AE6RT