Changeset 33461
- Timestamp:
- 2019-09-11T19:45:51+12:00 (5 years ago)
- Location:
- main/trunk/greenstone3
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
main/trunk/greenstone3/build.properties.svn
r32762 r33461 8 8 # but not remotely 9 9 tomcat.server=localhost 10 11 # Allow/disallow symlinks inside the web application 12 # Note however, that a value of true for this property will nevertheless be disregarded on Windows, 13 # because it has a case insensitive filesystem where a true setting would have had security 14 # implications otherwise. 15 # Beware that if you are working on any other operating system with a case insensitive filesystem, 16 # you should ensure this value remains set to false for security reasons. 17 tomcat.user.allowLinking=false 10 18 11 19 # server.protocols must contain 'http' or 'https' or both (in order of preference) separated by commas -
main/trunk/greenstone3/build.xml
r33089 r33461 98 98 </condition> 99 99 100 <echo>@@@@@@@@@@@@ Current OS iswindows: ${current.os.iswindows}</echo> 101 100 102 <!-- create build.properties if it has not been created yet --> 101 103 <if> … … 120 122 </if> 121 123 124 <!-- Check for whether tomcat is to allow symlinks or not. This should always be false 125 for Windows. And ideally also for any other OS with a case insensitive filesystem, but 126 we can only detect Windows and override user assigned true value for Windows to false. --> 127 <condition property="tomcat.allowLinking" value="false" else="${tomcat.user.allowLinking}"> 128 <and> 129 <istrue value="${tomcat.user.allowLinking}"/> 130 <isset property="current.os.iswindows"/> 131 </and> 132 </condition> 133 <if> 134 <bool> 135 <and> 136 <isset property="tomcat.user.allowLinking"/> 137 <istrue value="${tomcat.user.allowLinking}"/> 138 </and> 139 </bool> 140 <if><bool><isfalse value="${tomcat.allowLinking}"/></bool> 141 <echo>NOTE: 142 Although the tomcat.user.allowLinking property was set to true, 143 overriding this to use false instead for security reasons, 144 since the Windows OS has a case insensitive filesystem. 145 </echo> 146 <else> 147 <echo>WARNING: 148 tomcat.user.allowLinking property was set to true. 149 The tomcat server will be set to use this. 150 But if you're on an operating system where the filesystem is case INsensitive, 151 then ensure tomcat.user.allowLinking's value is set to false for security reasons. 152 </echo> 153 </else> 154 </if> 155 </if> 156 157 <echo>@@@@@@ tomcat.allowLinking is set to ${tomcat.allowLinking}</echo> 158 <echo>tomcat.user.allowLinking is set to ${tomcat.user.allowLinking}</echo> 159 122 160 <if> 123 161 <bool><not><matches string="${server.protocols}" pattern="^\s*(https?|http\s*,\s*https|https\s*,\s*http)\s*$"/></not></bool> … … 2298 2336 <filter token="gsdl3webwritablehome" value="${web.writablehome}"/> 2299 2337 <filter token="privilegedattribute" value="${privileged.attribute}"/> 2338 <filter token="allowlinking" value="${tomcat.allowLinking}"/> 2300 2339 <filter token="allowedIPs" value="${allowed.IPs}"/> 2301 2340 <filter token="derbyserver" value="${derby.server}"/> -
main/trunk/greenstone3/resources/tomcat/greenstone3.xml.svn
r32313 r33461 8 8 debug="1" reloadable="true" 9 9 @privilegedattribute@ 10 allowLinking=" false"10 allowLinking="@allowlinking@" 11 11 xmlBlockExternal="false"> 12 <Resources allowLinking="@allowlinking@" /> 12 13 13 14 <!--
Note:
See TracChangeset
for help on using the changeset viewer.