Changeset 33461

11.09.2019 19:45:51 (7 days ago)

Implementing Diego Spano's suggested changes for Tomcat's allowLinking configuration settings used to support symlinking from the web to folders outside the web app base folder. This config setting needs to be set differently for Tomcat 8. Its value used to be fixed to false in the past, so false becomes the new default. A new user configurable property is introduced in build.xml, tomcat.user.allowLinking. However, since Apache's Tomcat documentation says that the value should never be set to true for Windows or any OS where the filesystem is case insensitive, as this can affect security, build.xml internally uses a different new property called tomcat.allowLinking which works out the final value. For Windows, this will always be false and a warning is printed when the user configurable property got overridden to false on Windows. When the user configurable property was set to true in any other case, a warning is printed on non-Windows OS about how the user should set the value to false if their OS has a case insensitive file system. Finally, the calculated/sanitised value stored in tomcat.allowLinking propagates to greenstone.xml in place of the placeholders in the and ultimately greenstone.xml.svn files.

3 modified

  • main/trunk/greenstone3/

    r32762 r33461  
    88# but not remotely 
     11# Allow/disallow symlinks inside the web application 
     12# Note however, that a value of true for this property will nevertheless be disregarded on Windows, 
     13# because it has a case insensitive filesystem where a true setting would have had security 
     14# implications otherwise. 
     15# Beware that if you are working on any other operating system with a case insensitive filesystem, 
     16# you should ensure this value remains set to false for security reasons. 
    1119# server.protocols must contain 'http' or 'https' or both (in order of preference) separated by commas 
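Review bot: the comment block at 11-16 describes the new property but the visible hunk adds no `tomcat.user.allowLinking=false` line beneath it, even though the commit message says false becomes the new default; if the default is meant to live in this file, add the property line under the comment so that the `else="${tomcat.user.allowLinking}"` branch in build.xml has a defined value to fall back to.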
  • main/trunk/greenstone3/build.xml

    r33089 r33461  
    9898  </condition> 
     100  <echo>@@@@@@@@@@@@ Current OS iswindows: ${current.os.iswindows}</echo> 
    100102  <!-- create if it has not been created yet --> 
    101103  <if> 
    120122  </if> 
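Review bot: the `@@@@@@@@@@@@ Current OS iswindows` echo at 100 reads as leftover debugging output; drop it, or downgrade it with `level="verbose"` so it does not print on every build.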
     124  <!-- Check for whether tomcat is to allow symlinks or not. This should always be false 
     125       for Windows. And ideally also for any other OS with a case insensitive filesystem, but 
     126       we can only detect Windows and override user assigned true value for Windows to false. --> 
     127  <condition property="tomcat.allowLinking" value="false" else="${tomcat.user.allowLinking}"> 
     128    <and> 
     129      <istrue value="${tomcat.user.allowLinking}"/> 
     130      <isset property="current.os.iswindows"/> 
     131    </and> 
     132  </condition>   
     133  <if> 
     134    <bool> 
     135      <and> 
     136    <isset property="tomcat.user.allowLinking"/> 
     137    <istrue value="${tomcat.user.allowLinking}"/> 
     138      </and> 
     139    </bool> 
     140    <if><bool><isfalse value="${tomcat.allowLinking}"/></bool> 
     141    <echo>NOTE: 
     142      Although the tomcat.user.allowLinking property was set to true, 
     143      overriding this to use false instead for security reasons, 
     144      since the Windows OS has a case insensitive filesystem. 
     145      </echo>     
     146      <else> 
     147    <echo>WARNING: 
     148    tomcat.user.allowLinking property was set to true. 
     149    The tomcat server will be set to use this. 
     150    But if you're on an operating system where the filesystem is case INsensitive, 
     151    then ensure tomcat.user.allowLinking's value is set to false for security reasons. 
     152    </echo> 
     153      </else> 
     154    </if> 
     155  </if> 
     157  <echo>@@@@@@ tomcat.allowLinking is set to ${tomcat.allowLinking}</echo> 
     158  <echo>tomcat.user.allowLinking is set to ${tomcat.user.allowLinking}</echo> 
    122160  <if> 
    123161    <bool><not><matches string="${server.protocols}" pattern="^\s*(https?|http\s*,\s*https|https\s*,\s*http)\s*$"/></not></bool> 
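Review bot: the `<condition>` at 127 only produces a literal false when `tomcat.user.allowLinking` is true and `current.os.iswindows` is set; when the user property is undefined, the else branch assigns the unexpanded string `${tomcat.user.allowLinking}` to `tomcat.allowLinking`, and that string, not the intended default false, is what the `allowlinking` filter token later writes into greenstone3.xml. Define the default before the condition, e.g. `<property name="tomcat.user.allowLinking" value="false"/>` (a user-supplied value still wins because Ant properties are immutable once set). Also worth checking: `<isset property="current.os.iswindows"/>` at 130 is only correct if that property is never defined on non-Windows hosts; if the condition ending at 98 sets it with an else value, use `<istrue value="${current.os.iswindows}"/>` instead. The `@@@@@@` echoes at 157-158 look like debugging output, and the indentation at 136-137 and 140-152 does not match the enclosing `<and>` and `<if>` elements.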
    22982336        <filter token="gsdl3webwritablehome" value="${web.writablehome}"/> 
    22992337    <filter token="privilegedattribute" value="${privileged.attribute}"/> 
     2338    <filter token="allowlinking" value="${tomcat.allowLinking}"/> 
    23002339    <filter token="allowedIPs" value="${allowed.IPs}"/> 
    23012340    <filter token="derbyserver" value="${derby.server}"/> 
  • main/trunk/greenstone3/resources/tomcat/greenstone3.xml.svn

    r32313 r33461  
    88    debug="1" reloadable="true"  
    99    @privilegedattribute@ 
    10     allowLinking="false" 
     10    allowLinking="@allowlinking@" 
    1111    xmlBlockExternal="false"> 
     12    <Resources allowLinking="@allowlinking@" />
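Review bot: the template now carries the value in two places, the `allowLinking` attribute on `Context` at 10 and the new `<Resources allowLinking="@allowlinking@" />` child at 12, with nothing in the file saying why both exist; since the commit message says the setting has to be configured differently for Tomcat 8, add an XML comment next to them stating which Tomcat version honours which form, so the apparent duplicate is not removed later. Also confirm the new `<Resources>` element sits inside the `Context` element's body, which the hunk's context lines do not show.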