Fix CVE-2007-5342. Limit JULI privs to just those required to prevent per web-app...
authormarkt <markt@13f79535-47bb-0310-9956-ffa450edef68>
Sun, 23 Dec 2007 19:22:18 +0000 (19:22 +0000)
committermarkt <markt@13f79535-47bb-0310-9956-ffa450edef68>
Sun, 23 Dec 2007 19:22:18 +0000 (19:22 +0000)
git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@606594 13f79535-47bb-0310-9956-ffa450edef68

conf/catalina.policy

index ffef726..6ab5be7 100644 (file)
@@ -62,7 +62,19 @@ grant codeBase "file:${catalina.home}/bin/commons-daemon.jar" {
 
 // These permissions apply to the logging API
 grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
-        permission java.security.AllPermission;
+        permission java.util.PropertyPermission "java.util.logging.config.class", "read";
+        permission java.util.PropertyPermission "java.util.logging.config.file", "read";
+        permission java.lang.RuntimePermission "shutdownHooks";
+        permission java.io.FilePermission "${catalina.base}${file.separator}conf${file.separator}logging.properties", "read";
+        permission java.util.PropertyPermission "catalina.base", "read";
+        permission java.util.logging.LoggingPermission "control";
+        permission java.io.FilePermission "${catalina.base}${file.separator}logs", "read, write";
+        permission java.io.FilePermission "${catalina.base}${file.separator}logs${file.separator}*", "read, write";
+        permission java.lang.RuntimePermission "getClassLoader";
+        // To enable per context logging configuration, permit read access to the appropriate file.
+        // Be sure that the logging configuration is secure before enabling such access
+        // eg for the examples web application:
+        // permission java.io.FilePermission "${catalina.base}${file.separator}webapps${file.separator}examples${file.separator}WEB-INF${file.separator}classes${file.separator}logging.properties", "read";
 };
 
 // These permissions apply to the server startup code
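Review bot: The commented-out per-context example in the tomcat-juli.jar grant tells the administrator to make sure the logging configuration "is secure" without saying what to check. Presumably the concern is that handlers named in a web application's logging.properties act with the permissions granted to this codeBase rather than the web application's own; this should be confirmed against the JULI code. If so, the comment could say it directly, e.g. `// The file is processed with the permissions granted to tomcat-juli.jar above; check that its handlers` `// only write below ${catalina.base}/logs before granting read access to it.` The two FilePermission entries for `logs` and the one for `conf/logging.properties` are tied to the default locations, so a one-line comment noting that a different `java.util.logging.config.file` or handler directory needs a matching grant would help. A short reason next to `getClassLoader` and `LoggingPermission "control"` would also make the list easier to audit later.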