Posted to dev@tomcat.apache.org by Apache Wiki <wi...@apache.org> on 2015/03/03 18:11:36 UTC
[Tomcat Wiki] Update of "RemoveUnpackWARs" by ChristopherSchultz
Dear Wiki user,
You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change notification.
The "RemoveUnpackWARs" page has been changed by ChristopherSchultz:
https://wiki.apache.org/tomcat/RemoveUnpackWARs?action=diff&rev1=1&rev2=2
The removal of unpackWARs would effectively require the deployment of web applications as exploded directories if the appBase was to remain read-only to the Tomcat user.
+ An alternative to removing uppackWARs in this case might be to move the location of the unpacked WAR files: the appBase is still the *source* of all WAR data, but unpacked WAR files would be unpacked elsewhere -- such as into the work directory, etc. This would allow a read-only appBase and still allow unpackWARs=true. From a security point of view, the work directory itself is still vulnerable, but it would not be possible (given a pre-existing application or container vulnerability) for an attacker to deploy a completely new WAR onto the container.
+
+
+ === Actually read-only filesystem ===
+ If the filesystem is actually read-only (or effectively so, where the effective Tomcat user has no file-write rights whatsoever), then unpackWARs must be true in order to deploy. If all JSPs are pre-compiled and logs are not written to disk, Tomcat should be able to run on a read-only filesystem.
=== Other use cases ===
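Review bot: "then unpackWARs must be true in order to deploy" in the new "Actually read-only filesystem" section reads as inverted: unpackWARs=true makes Tomcat expand each WAR into the appBase, which is precisely the write a read-only filesystem (or a Tomcat user with no write rights) forbids, so the setting consistent with the rest of the paragraph (pre-compiled JSPs, no on-disk logs) is unpackWARs=false, with the application served from the WAR itself. Suggest "then unpackWARs must be false in order to deploy." Also, "uppackWARs" in the first added paragraph should read "unpackWARs".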
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
RE: [Tomcat Wiki] Update of "RemoveUnpackWARs" by ChristopherSchultz
Posted by "Caldarale, Charles R" <Ch...@unisys.com>.
> From: Apache Wiki [mailto:wikidiffs@apache.org]
> Subject: [Tomcat Wiki] Update of "RemoveUnpackWARs" by ChristopherSchultz
> + === Actually read-only filesystem ===
> + If the filesystem is actually read-only (or effectively so, where the effective
> Tomcat user has no file-write rights whatsoever), then unpackWARs must be true in
> order to deploy.
Is the above unpackWARs setting backwards from what you intended? Having it true on a read-only file system would seem to guarantee access errors.
- Chuck
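As an added example (not code from this thread or from the Tomcat project), the following script audits the Host elements of a server.xml for the two combinations the exchange above turns on: an appBase that the Tomcat user can write to (the "deploy a completely new WAR" risk the wiki page wants a read-only appBase to remove), and unpackWARs=true on an appBase the Tomcat user cannot write to (the access errors Chuck expects). The server.xml content, the catalina_base path and the writable probe used in the usage block are constructed for the demonstration; the Host attribute names and their defaults are Tomcat's own.

```python
import os
import xml.etree.ElementTree as ET

# Constructed server.xml fragment for the demonstration (not taken from the thread).
SAMPLE_SERVER_XML = """<?xml version="1.0" encoding="UTF-8"?>
<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Engine name="Catalina" defaultHost="localhost">
      <Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true"/>
      <Host name="static.example" appBase="/srv/static-apps" unpackWARs="false" autoDeploy="false"/>
    </Engine>
  </Service>
</Server>
"""


def parse_hosts(xml_text):
    """Return one dict per <Host>, applying Tomcat's documented defaults
    (appBase="webapps", unpackWARs="true", autoDeploy="true") when absent."""
    root = ET.fromstring(xml_text)
    hosts = []
    for host in root.iter("Host"):
        hosts.append({
            "name": host.get("name"),
            "appBase": host.get("appBase", "webapps"),
            "unpackWARs": host.get("unpackWARs", "true").strip().lower() == "true",
            "autoDeploy": host.get("autoDeploy", "true").strip().lower() == "true",
        })
    return hosts


def resolve_app_base(app_base, catalina_base):
    """A relative appBase is resolved against $CATALINA_BASE, as Tomcat does."""
    if os.path.isabs(app_base):
        return app_base
    return os.path.join(catalina_base, app_base)


def probe_writable(path):
    """Filesystem probe: can the current user (run this as the Tomcat user)
    write into the directory?"""
    return os.path.isdir(path) and os.access(path, os.W_OK)


def evaluate_host(host, app_base_writable):
    """Return (code, message) findings for one Host, given whether its appBase
    is writable by the Tomcat user."""
    findings = []
    if app_base_writable:
        findings.append(("APPBASE_WRITABLE",
            "appBase is writable by the Tomcat user: a compromised container "
            "process could drop a new WAR there (the risk the wiki page discusses)"))
        if host["autoDeploy"]:
            findings.append(("AUTODEPLOY_WRITABLE",
                "autoDeploy=true on a writable appBase: anything written there "
                "is deployed without a restart"))
    elif host["unpackWARs"]:
        findings.append(("UNPACK_NEEDS_WRITE",
            "unpackWARs=true but appBase is not writable: Tomcat cannot expand "
            "WARs into it, so deployment fails with access errors"))
    # Not writable and unpackWARs=false: consistent with a read-only appBase;
    # the application is served from the WAR itself (JSP compilation still
    # needs a writable work directory unless JSPs are pre-compiled).
    return findings


def audit(xml_text, catalina_base, writable_probe=probe_writable):
    """Audit every Host in server.xml. The writable probe is injectable so the
    logic can be exercised without touching the real filesystem."""
    report = {}
    for host in parse_hosts(xml_text):
        path = resolve_app_base(host["appBase"], catalina_base)
        report[host["name"]] = evaluate_host(host, writable_probe(path))
    return report


if __name__ == "__main__":
    # Constructed scenario: /opt/tomcat/webapps is writable, /srv/static-apps is not.
    fake_probe = lambda p: p.startswith("/opt/tomcat")
    for name, findings in audit(SAMPLE_SERVER_XML, "/opt/tomcat", fake_probe).items():
        print(name)
        for code, msg in findings or [("OK", "no findings")]:
            print(f"  [{code}] {msg}")
```

On a real host, run it as the Tomcat service user with the default probe so that os.access reflects that user's rights rather than root's; a Host with no findings is one whose appBase is read-only to Tomcat and whose unpackWARs setting does not require writing there.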