Posted to dev@tomcat.apache.org by la...@apache.org on 2001/01/08 13:15:22 UTC
cvs commit: jakarta-tomcat/src/share/org/apache/tomcat/modules/session SimpleSessionStore.java
larryi 01/01/08 04:15:22
Modified: src/etc tomcat.policy
src/facade22/org/apache/tomcat/facade
RequestDispatcherImpl.java
src/share/org/apache/tomcat/modules/config
PolicyInterceptor.java
src/share/org/apache/tomcat/modules/session
SimpleSessionStore.java
Log:
Port Glenn Nielsen's security patches from Tomcat 3.2.
tomcat.policy:
Updated for default permissions. Fix grant for javac.
RequestDispatcherImpl.java:
If a SecurityManager is being used, wrap forward() and include() with an
AccessController.doPrivileged()
PolicyInterceptor.java:
Updated for default permissions, fix windows default FilePermission
SimpleSessionStore.java:
Fix SimpleSessionManager.getNewSession() so it works with a
SecurityManager
Revision Changes Path
1.7 +6 -5 jakarta-tomcat/src/etc/tomcat.policy
Index: tomcat.policy
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/etc/tomcat.policy,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- tomcat.policy 2000/08/24 16:58:33 1.6
+++ tomcat.policy 2001/01/08 12:15:21 1.7
@@ -1,7 +1,7 @@
-// Additional permissions for tomcat.
+// Permissions for tomcat.
// javac
-grant codeBase "file:${java.home}/lib/-" {
+grant codeBase "file:${java.home}/../lib/-" {
permission java.security.AllPermission;
};
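Review bot: The `// javac` comment above the changed grant does not explain the new path: the codeBase now steps out of `${java.home}` with `..`, and everything under the resulting directory receives `AllPermission`. This presumably targets the JDK's `lib` directory (where tools.jar sits when `java.home` is the bundled JRE), but on a standalone JRE the same expression resolves to a sibling directory that may hold unrelated jars. I would spell that out, e.g. `// javac: tools.jar is in the JDK lib directory, one level above ${java.home} (the JRE); verify this path when running on a standalone JRE`.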
@@ -15,10 +15,11 @@
};
// Example webapp policy
-// By default we grant read access on webapp dir
-// and read of the line.separator PropertyPermission
+// By default Tomcat grants read access on webapp dir and read of the
+// line.separator, path.separator, and file.separator PropertyPermissions.
+// Any permissions you grant here are in addition to the default.
grant codeBase "file:${tomcat.home}/webapps/examples" {
- permission java.net.SocketPermission "localhost:1024-", "listen";
+ // Allow the example web application to read all java properties
permission java.util.PropertyPermission "*", "read";
};
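Review bot: The comment added inside the examples grant names what `PropertyPermission "*", "read"` allows but not its reach: the example webapp can read every system property, which can include filesystem paths, the user name and anything passed with -D at startup. Because this file is the template administrators copy for their own webapps, I would mark the grant as demonstration-only, e.g. `// Demo only: grants read of ALL system properties; list the specific property names for real webapps`.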
1.10 +55 -0 jakarta-tomcat/src/facade22/org/apache/tomcat/facade/RequestDispatcherImpl.java
Index: RequestDispatcherImpl.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/facade22/org/apache/tomcat/facade/RequestDispatcherImpl.java,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- RequestDispatcherImpl.java 2001/01/07 00:08:59 1.9
+++ RequestDispatcherImpl.java 2001/01/08 12:15:21 1.10
@@ -64,6 +64,7 @@
import org.apache.tomcat.util.StringManager;
import java.io.*;
import java.util.*;
+import java.security.*;
import javax.servlet.*;
import javax.servlet.http.*;
@@ -138,6 +139,33 @@
public void forward(ServletRequest request, ServletResponse response)
throws ServletException, IOException
{
+ if( System.getSecurityManager() != null ) {
+ final ServletRequest req = request;
+ final ServletResponse res = response;
+ try {
+ java.security.AccessController.doPrivileged(
+ new java.security.PrivilegedExceptionAction()
+ {
+ public Object run() throws ServletException, IOException {
+ doForward(req,res);
+ return null;
+ }
+ }
+ );
+ } catch( PrivilegedActionException pe) {
+ Exception e = pe.getException();
+ if( e instanceof ServletException )
+ throw (ServletException)e;
+ throw (IOException)e;
+ }
+ } else {
+ doForward(request,response);
+ }
+ }
+
+ private void doForward(ServletRequest request, ServletResponse response)
+ throws ServletException, IOException
+ {
/** We need to find the request/response. The servlet API
* guarantees that we will receive the original request as parameter.
*/
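Review bot: forward() now runs the whole of doForward() inside `doPrivileged`, so permission checks made during the dispatch stop at this frame and the calling webapp's protection domain is no longer consulted; nothing in the hunk records why, or which operation actually needed the privilege. A privileged block is normally kept to the smallest operation that requires it, and doForward() works on the request and response objects the caller passes in, so at minimum I would document the intent above the `if`, e.g. `// SecurityManager active: dispatch with the container's permissions; the caller's protection domain is not checked for anything doForward() does`. The same wrapper is repeated verbatim in include() in the next hunk and could be shared through one private helper. doForward()'s body continues outside the hunk, so which calls need the privilege cannot be judged from here.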
@@ -215,6 +243,33 @@
}
public void include(ServletRequest request, ServletResponse response)
+ throws ServletException, IOException
+ {
+ if( System.getSecurityManager() != null ) {
+ final ServletRequest req = request;
+ final ServletResponse res = response;
+ try {
+ java.security.AccessController.doPrivileged(
+ new java.security.PrivilegedExceptionAction()
+ {
+ public Object run() throws ServletException, IOException {
+ doInclude(req,res);
+ return null;
+ }
+ }
+ );
+ } catch( PrivilegedActionException pe) {
+ Exception e = pe.getException();
+ if( e instanceof ServletException )
+ throw (ServletException)e;
+ throw (IOException)e;
+ }
+ } else {
+ doInclude(request,response);
+ }
+ }
+
+ private void doInclude(ServletRequest request, ServletResponse response)
throws ServletException, IOException
{
Request realRequest = ((HttpServletRequestFacade)request).
1.3 +7 -1 jakarta-tomcat/src/share/org/apache/tomcat/modules/config/PolicyInterceptor.java
Index: PolicyInterceptor.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/modules/config/PolicyInterceptor.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- PolicyInterceptor.java 2001/01/01 02:07:23 1.2
+++ PolicyInterceptor.java 2001/01/08 12:15:22 1.3
@@ -131,12 +131,18 @@
{
// Add default read "-" FilePermission for docBase, classes, lib
// Default per context permissions
- FilePermission fp = new FilePermission(base + "/-", "read");
+ FilePermission fp = new FilePermission(base + File.separator + "-", "read");
if( fp != null )
p.add((Permission)fp);
// JspFactory.getPageContext() runs in JSP Context and needs the below
// permission during the init of a servlet generated from a JSP.
PropertyPermission pp = new PropertyPermission("line.separator","read");
+ if( pp != null )
+ p.add((Permission)pp);
+ pp = new PropertyPermission("file.separator", "read");
+ if( pp != null )
+ p.add((Permission)pp);
+ pp = new PropertyPermission("path.separator", "read");
if( pp != null )
p.add((Permission)pp);
}
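Review bot: The added `if( pp != null )` guards can never be false, because `pp` has just been assigned the result of `new`; the same holds for the existing `fp` check, and the `(Permission)` casts appear redundant since both types already are Permissions. Each addition can be a single line, e.g. `p.add(new PropertyPermission("file.separator", "read"));`. The comment about JspFactory.getPageContext() still reads as if it covered only line.separator; it should say whether the two new properties are needed for the same reason. The enclosing method starts outside the hunk.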
1.7 +25 -2 jakarta-tomcat/src/share/org/apache/tomcat/modules/session/SimpleSessionStore.java
Index: SimpleSessionStore.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/modules/session/SimpleSessionStore.java,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- SimpleSessionStore.java 2001/01/01 00:17:23 1.6
+++ SimpleSessionStore.java 2001/01/08 12:15:22 1.7
@@ -66,6 +66,7 @@
import java.util.*;
import org.apache.tomcat.util.collections.SimplePool;
import org.apache.tomcat.util.log.*;
+import java.security.*;
//import org.apache.tomcat.session.*;
@@ -427,8 +428,30 @@
// XXX can return MessageBytes !!!
-
- String newId= SessionIdGenerator.getIdentifier(randomSource, jsIdent);
+ /**
+ * When using a SecurityManager and a JSP page or servlet triggers
+ * creation of a new session id it must be performed with the
+ * Permissions of this class using doPriviledged because the parent
+ * JSP or servlet may not have sufficient Permissions.
+ */
+ String newId;
+ if( System.getSecurityManager() != null ) {
+ class doInit implements PrivilegedAction {
+ private Random randomSource;
+ private String jsIdent;
+ public doInit(Random rs, String ident) {
+ randomSource = rs;
+ jsIdent = ident;
+ }
+ public Object run() {
+ return SessionIdGenerator.getIdentifier(randomSource, jsIdent);
+ }
+ }
+ doInit di = new doInit(randomSource,jsIdent);
+ newId= (String)AccessController.doPrivileged(di);
+ } else {
+ newId= SessionIdGenerator.getIdentifier(randomSource, jsIdent);
+ }
// What if the newId belongs to an existing session ?
// This shouldn't happen ( maybe we can try again ? )
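Review bot: The local class `doInit` copies `randomSource` and `jsIdent` into fields of the same names, which shadow the outer ones, and its lowercase name reads like a method; an anonymous `PrivilegedAction` capturing two final locals does the same work in fewer lines and matches the style used in RequestDispatcherImpl in this commit. The new comment uses `/** */` inside a method body, where Javadoc ignores it, and misspells doPrivileged as "doPriviledged". Separately, the source is typed `Random`: the hunk does not show whether the instance is a `SecureRandom`, which is worth confirming since it feeds session identifier generation. The enclosing method starts and ends outside the hunk.
```java
// … unchanged: comment explaining why the call is privileged …
String newId;
if( System.getSecurityManager() != null ) {
    final Random rs = randomSource;
    final String ident = jsIdent;
    newId = (String)AccessController.doPrivileged(new PrivilegedAction() {
        public Object run() {
            return SessionIdGenerator.getIdentifier(rs, ident);
        }
    });
} else {
    // … unchanged: direct SessionIdGenerator.getIdentifier call …
}
```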