You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by ts...@apache.org on 2013/06/03 10:25:06 UTC
git commit: updated refs/heads/master to 54127f8
Updated Branches:
refs/heads/master 723a45573 -> 54127f838
CLOUDSTACK-2758: Fix permissions of catalina.out
Because of CVE 2013-1976, catalina.out gets owned by root. Since
cloudstack-management is run under a privileged user env. of cloud have
cloud ($TOMCAT_USER) own the catalina.out.
Signed-off-by: Prasanna Santhanam <ts...@apache.org>
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/54127f83
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/54127f83
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/54127f83
Branch: refs/heads/master
Commit: 54127f838eb0904c89d87aea34cffad6eb738fd6
Parents: 723a455
Author: Prasanna Santhanam <ts...@apache.org>
Authored: Mon Jun 3 13:53:19 2013 +0530
Committer: Prasanna Santhanam <ts...@apache.org>
Committed: Mon Jun 3 13:54:52 2013 +0530
----------------------------------------------------------------------
client/tomcatconf/classpath.conf.in | 8 ++++++++
1 files changed, 8 insertions(+), 0 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/54127f83/client/tomcatconf/classpath.conf.in
----------------------------------------------------------------------
diff --git a/client/tomcatconf/classpath.conf.in b/client/tomcatconf/classpath.conf.in
index 3ae0fb4..f2aeeba 100644
--- a/client/tomcatconf/classpath.conf.in
+++ b/client/tomcatconf/classpath.conf.in
@@ -36,3 +36,11 @@ done
export CLASSPATH
PATH=/sbin:/usr/sbin:$PATH
export PATH
+
+#catalina.out owned by `cloud` not `root`
+if [ ! -f $TOMCAT_LOG ]; then
+ touch $TOMCAT_LOG
+ chown $TOMCAT_USER:$TOMCAT_USER $TOMCAT_LOG
+else
+ chown $TOMCAT_USER:$TOMCAT_USER $TOMCAT_LOG
+fi