Posted to dev@tomcat.apache.org by Apache Wiki <wi...@apache.org> on 2015/03/03 18:11:36 UTC

[Tomcat Wiki] Update of "RemoveUnpackWARs" by ChristopherSchultz

Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change notification.

The "RemoveUnpackWARs" page has been changed by ChristopherSchultz:
https://wiki.apache.org/tomcat/RemoveUnpackWARs?action=diff&rev1=1&rev2=2

  
  The removal of unpackWARs would effectively require the deployment of web applications as exploded directories if the appBase was to remain read-only to the Tomcat user.
  
+ An alternative to removing uppackWARs in this case might be to move the location of the unpacked WAR files: the appBase is still the *source* of all WAR data, but unpacked WAR files would be unpacked elsewhere -- such as into the work directory, etc. This would allow a read-only appBase and still allow unpackWARs=true. From a security point of view, the work directory itself is still vulnerable, but it would not be possible (given a pre-existing application or container vulnerability) for an attacker to deploy a completely new WAR onto the container.
+ 
+ 
+ === Actually read-only filesystem ===
+ If the filesystem is actually read-only (or effectively so, where the effective Tomcat user has no file-write rights whatsoever), then unpackWARs must be true in order to deploy. If all JSPs are pre-compiled and logs are not written to disk, Tomcat should be able to run on a read-only filesystem.
  
  === Other use cases ===
  
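Review bot: in the added "Actually read-only filesystem" section, "unpackWARs must be true in order to deploy" reads as inverted. Unpacking a WAR writes into the appBase, which a read-only filesystem (or a Tomcat user with no write rights at all) cannot accept, and the paragraph just above only arrives at unpackWARs=true by proposing that the unpacked files go somewhere other than the read-only appBase. Suggest "unpackWARs must be false in order to deploy", which also matches the opening sentence that a read-only appBase effectively forces exploded-directory deployment. Minor: "uppackWARs" in the first added paragraph should read "unpackWARs".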

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


RE: [Tomcat Wiki] Update of "RemoveUnpackWARs" by ChristopherSchultz

Posted by "Caldarale, Charles R" <Ch...@unisys.com>.
> From: Apache Wiki [mailto:wikidiffs@apache.org] 
> Subject: [Tomcat Wiki] Update of "RemoveUnpackWARs" by ChristopherSchultz
 
> + === Actually read-only filesystem ===
> + If the filesystem is actually read-only (or effectively so, where the effective 
> Tomcat user has no file-write rights whatsoever), then unpackWARs must be true in 
> order to deploy. 

Is the above unpackWARs setting backwards from what you intended?  Having it true on a read-only file system would seem to guarantee access errors.

 - Chuck

