From e118a08c25d87c29e2870d2956c6343436f94935 Mon Sep 17 00:00:00 2001 From: markt Date: Sun, 23 Dec 2007 19:22:18 +0000 Subject: [PATCH] Fix CVE-2007-5342. Limit JULI privs to just those required to prevent per web-app configurations having too many privs. git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@606594 13f79535-47bb-0310-9956-ffa450edef68 --- conf/catalina.policy | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/conf/catalina.policy b/conf/catalina.policy index ffef72654..6ab5be713 100644 --- a/conf/catalina.policy +++ b/conf/catalina.policy @@ -62,7 +62,19 @@ grant codeBase "file:${catalina.home}/bin/commons-daemon.jar" { // These permissions apply to the logging API grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" { - permission java.security.AllPermission; + permission java.util.PropertyPermission "java.util.logging.config.class", "read"; + permission java.util.PropertyPermission "java.util.logging.config.file", "read"; + permission java.lang.RuntimePermission "shutdownHooks"; + permission java.io.FilePermission "${catalina.base}${file.separator}conf${file.separator}logging.properties", "read"; + permission java.util.PropertyPermission "catalina.base", "read"; + permission java.util.logging.LoggingPermission "control"; + permission java.io.FilePermission "${catalina.base}${file.separator}logs", "read, write"; + permission java.io.FilePermission "${catalina.base}${file.separator}logs${file.separator}*", "read, write"; + permission java.lang.RuntimePermission "getClassLoader"; + // To enable per context logging configuration, permit read access to the appropriate file. + // Be sure that the logging configuration is secure before enabling such access + // eg for the examples web application: + // permission java.io.FilePermission "${catalina.base}${file.separator}webapps${file.separator}examples${file.separator}WEB-INF${file.separator}classes${file.separator}logging.properties", "read"; }; // These permissions apply to the server startup code -- 2.11.0