Posted to dev@tomcat.apache.org by bu...@apache.org on 2010/10/26 04:36:37 UTC
DO NOT REPLY [Bug 50156] New: AccessLogValve.rotate() overwrites the existing file
https://issues.apache.org/bugzilla/show_bug.cgi?id=50156
Summary: AccessLogValve.rotate() overwrites the existing file
Product: Tomcat 6
Version: 6.0.29
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Catalina
AssignedTo: dev@tomcat.apache.org
ReportedBy: mashmk02@gmail.com
Created an attachment (id=26210)
--> (https://issues.apache.org/bugzilla/attachment.cgi?id=26210)
patch for AccessLogValve.java
AccessLogValve.rotate() renames the existing log file to something else via JMX.
If you specify "../log.txt" as the new filename, the existing log file is
renamed to "<Tomcat boot directory>/../log.txt".
And rotate() overwrites other existing files if the Tomcat startup user has
write permission on those files.
For example...
---
Tomcat install directory: /opt/tomcat6
Install & Startup user : tomcat6
Specified new filename : /opt/tomcat6/lib/catalina.jar
---
If this is the case, the access log file overwrites catalina.jar.
I attached the patch file.
Best regards.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
DO NOT REPLY [Bug 50156] AccessLogValve.rotate() overwrites the existing file
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=50156
--- Comment #1 from Chuck Caldarale <ch...@unisys.com> 2010-10-25 23:12:50 EDT ---
(In reply to comment #0)
> If you specify "../log.txt" as the new filename, the existing log file is
> renamed to "<Tomcat boot directory>/../log.txt".
> And rotate() overwrites other existing files if the Tomcat startup user has
> write permission on those files.
And has permission to use JMX to manipulate Tomcat, which can lead to all sorts
of disastrous results if used unwisely. If you have the privilege to modify
the Tomcat configuration, you are expected to do so responsibly.
Note also that your patch prevents anyone from moving the log file(s) to some
directory other than the original - severely reducing flexibility.
- Chuck
DO NOT REPLY [Bug 50156] AccessLogValve.rotate() overwrites the existing file
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=50156
Eiji Takahashi <ma...@gmail.com> changed:
What                          | Removed | Added
------------------------------+---------+------
Attachment #26210 is obsolete | 0       | 1
--- Comment #3 from Eiji Takahashi <ma...@gmail.com> 2010-10-26 04:21:08 EDT ---
Created an attachment (id=26214)
--> (https://issues.apache.org/bugzilla/attachment.cgi?id=26214)
patch for AccessLogValve
DO NOT REPLY [Bug 50156] AccessLogValve.rotate() overwrites the existing file
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=50156
Mark Thomas <ma...@apache.org> changed:
What       | Removed | Added
-----------+---------+---------
Status     | NEW     | RESOLVED
Resolution |         | WONTFIX
--- Comment #4 from Mark Thomas <ma...@apache.org> 2010-10-26 08:44:50 EDT ---
Malicious users shouldn't have access to the JMX interface. If they do, they
can do far more damage than this.
There are legitimate use cases for overwriting an existing file, and whilst
there are alternative solutions for those use cases, I don't see any reason to
tie the hands of a system administrator unnecessarily.
DO NOT REPLY [Bug 50156] AccessLogValve.rotate() overwrites the existing file
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=50156
--- Comment #2 from Eiji Takahashi <ma...@gmail.com> 2010-10-26 04:20:00 EDT ---
(In reply to comment #1)
> (In reply to comment #0)
> > If you specify "../log.txt" as the new filename, the existing log file is
> > renamed to "<Tomcat boot directory>/../log.txt".
> > And rotate() overwrites other existing files if the Tomcat startup user has
> > write permission on those files.
>
> And has permission to use JMX to manipulate Tomcat, which can lead to all sorts
> of disastrous results if used unwisely. If you have the privilege to modify
> the Tomcat configuration, you are expected to do so responsibly.
I agree, but a malicious user might do it.
Therefore, I think that some kind of limitation is necessary.
# Restrict moving to some directory, or ignore the operation if the specified
name already exists.
>
> Note also that your patch prevents anyone from moving the log file(s) to some
> directory other than the original - severely reducing flexibility.
>
> - Chuck
The old patch was not correct. I will attach the new patch.
Regards.
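The two limitations proposed in comment #2 (confine the move to the log directory, refuse if the name already exists), as an added example that is neither the reporter's patch nor Tomcat's AccessLogValve code. The class and method names, and the choice to resolve relative names against the log directory rather than the Tomcat boot directory, are assumptions.

```java
import java.io.IOException;
import java.nio.file.FileAlreadyExistsException;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;

/** Hypothetical hardened rotate target check; not Tomcat's AccessLogValve code. */
public final class SafeLogRotate {
    /** The new name must stay inside logDir (after resolving symlinks) and must not already exist. */
    static Path resolveTarget(Path logDir, String newFileName) throws IOException {
        Path base = logDir.toRealPath();
        // resolve(): an absolute name ("/opt/tomcat6/lib/catalina.jar") is kept as-is,
        // a relative one ("../log.txt") is taken relative to the log directory (assumption).
        Path target = base.resolve(newFileName).normalize();
        Path parent = target.getParent();
        if (parent == null || !Files.isDirectory(parent)) {
            throw new IOException("target directory does not exist: " + target);
        }
        // Compare canonical paths so neither "../" nor a symlinked parent escapes the log directory.
        Path realTarget = parent.toRealPath().resolve(target.getFileName());
        if (!realTarget.startsWith(base) || realTarget.equals(base)) {
            throw new IOException("refusing to move the log outside " + base + ": " + newFileName);
        }
        if (Files.exists(realTarget, LinkOption.NOFOLLOW_LINKS)) {
            throw new FileAlreadyExistsException(realTarget.toString());
        }
        return realTarget;
    }

    /** Without REPLACE_EXISTING, Files.move also fails if a file appears at the target after the check. */
    static void rotate(Path logDir, Path current, String newFileName) throws IOException {
        Files.move(current, resolveTarget(logDir, newFileName));
    }

    public static void main(String[] args) throws IOException {
        // Constructed sandbox: a temporary log directory holding one access log and one decoy file.
        Path logDir = Files.createTempDirectory("tomcat-logs");
        Path current = Files.createFile(logDir.resolve("access_log.txt"));
        Path decoy = Files.createFile(logDir.resolve("keep-me.jar"));
        for (String name : new String[] {"../log.txt", decoy.toString(), "access_log.2010-10-26.txt"}) {
            try {
                System.out.println("allowed : " + name + " -> " + resolveTarget(logDir, name));
            } catch (IOException e) {
                System.out.println("rejected: " + name + " (" + e.getMessage() + ")");
            }
        }
        rotate(logDir, current, "access_log.2010-10-26.txt");
        System.out.println("rotated; decoy still present: " + Files.exists(decoy));
    }
}
```

The first two names are rejected (directory escape, existing file) and only the dated name inside the log directory is moved; the existence check is backed by Files.move refusing to replace a file that appears between check and move.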