[Bug 569118] Re: improper group write permission for /var/lib/tomcat6/webapps
** Tags added: testcase -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to tomcat6 in Ubuntu. https://bugs.launchpad.net/bugs/569118 Title: improper group write permission for /var/lib/tomcat6/webapps To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/tomcat6/+bug/569118/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 569118] Re: improper group write permission for /var/lib/tomcat6/webapps
This bug was fixed in the package tomcat6 - 6.0.24-2ubuntu1.1 --- tomcat6 (6.0.24-2ubuntu1.1) lucid-proposed; urgency=low * debian/patches/fix-jsp-regression.patch: Fix regression in JSP compilation that resulted in "Duplicate local variable" errors when using Struts 1.2 or bean:define (LP: #563642) * debian/tomcat6.{postinst,prerm}: Respect TOMCAT6_USER and TOMCAT6_GROUP as defined in /etc/default/tomcat6 when setting directory permissions and authbind configuration (LP: #557300) * debian/tomcat6.postinst: Use group "tomcat6" instead of "adm" for permissions in /var/lib/tomcat6, so that group "adm" doesn't get write permissions over /var/lib/tomcat6/webapps (LP: #569118) -- Thierry CarrezFri, 21 May 2010 10:11:35 +0200 ** Changed in: tomcat6 (Ubuntu Lucid) Status: Fix Committed => Fix Released -- improper group write permission for /var/lib/tomcat6/webapps https://bugs.launchpad.net/bugs/569118 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to tomcat6 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 569118] Re: improper group write permission for /var/lib/tomcat6/webapps
** Tags added: verification-done ** Tags removed: verification-needed -- improper group write permission for /var/lib/tomcat6/webapps https://bugs.launchpad.net/bugs/569118 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to tomcat6 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 569118] Re: improper group write permission for /var/lib/tomcat6/webapps
** Branch linked: lp:ubuntu/tomcat6 -- improper group write permission for /var/lib/tomcat6/webapps https://bugs.launchpad.net/bugs/569118 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to tomcat6 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 569118] Re: improper group write permission for /var/lib/tomcat6/webapps
This bug was fixed in the package tomcat6 - 6.0.26-2 --- tomcat6 (6.0.26-2) unstable; urgency=low * debian/tomcat6.{postinst,prerm}: Respect TOMCAT6_USER and TOMCAT6_GROUP as defined in /etc/default/tomcat6 when setting directory permissions and authbind configuration (Closes: #581018, LP: #557300) * debian/tomcat6.postinst: Use group "tomcat6" instead of "adm" for permissions in /var/lib/tomcat6, so that group "adm" doesn't get write permissions over /var/lib/tomcat6/webapps (LP: #569118) tomcat6 (6.0.26-1) unstable; urgency=low * New upstream version * Apply patch from Mark Scott to fix tomcat6-instance-create which failed when multiple commandline options are provided, fix creation of FULLPATH (Closes: #575580) tomcat6 (6.0.24-5) unstable; urgency=low * Added optimised garbage collection options to tomcat6's default options. Thanks to Aaron J. Zirbes and Thierry Carrez for research and the patch. (Closes: LP: #541520) * Updated the changelog to mention closed CVE's in the 6.0.24-1 release. * Applied patch from Arto Jantunen fixing an issue with cleaning up the pid-file. (Closes: #574084) tomcat6 (6.0.24-4) unstable; urgency=low * debian/tomcat6.postrm: fix removal of Tomcat (Closes: #567548) * Set UTF-8 as default character encoding - Patch by Thomas Koch (Closes: #573539) tomcat6 (6.0.24-3) unstable; urgency=medium * Set the major, minor and build versions when calling Ant (Closes: LP: #495505) * Rebuild with a more recent version of maven-repo-helper which puts the javax jars at the correct location in the Maven repository. Fixes several FTBFS in other packages. -- Thierry CarrezFri, 04 Jun 2010 14:12:22 +0100 ** Changed in: tomcat6 (Ubuntu) Status: Fix Committed => Fix Released -- improper group write permission for /var/lib/tomcat6/webapps https://bugs.launchpad.net/bugs/569118 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to tomcat6 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 569118] Re: improper group write permission for /var/lib/tomcat6/webapps
** Branch linked: lp:ubuntu/lucid-proposed/tomcat6 -- improper group write permission for /var/lib/tomcat6/webapps https://bugs.launchpad.net/bugs/569118 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to tomcat6 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 569118] Re: improper group write permission for /var/lib/tomcat6/webapps
Accepted tomcat6 into lucid-proposed, the package will build now and be available in a few hours. Please test and give feedback here. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance! ** Tags added: verification-needed -- improper group write permission for /var/lib/tomcat6/webapps https://bugs.launchpad.net/bugs/569118 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to tomcat6 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 569118] Re: improper group write permission for /var/lib/tomcat6/webapps
** Branch linked: lp:debian/sid/tomcat6 -- improper group write permission for /var/lib/tomcat6/webapps https://bugs.launchpad.net/bugs/569118 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to tomcat6 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 569118] Re: improper group write permission for /var/lib/tomcat6/webapps
** Changed in: tomcat6 (Ubuntu) Status: Confirmed => Fix Committed ** Changed in: tomcat6 (Ubuntu Lucid) Status: In Progress => Fix Committed -- improper group write permission for /var/lib/tomcat6/webapps https://bugs.launchpad.net/bugs/569118 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to tomcat6 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 569118] Re: improper group write permission for /var/lib/tomcat6/webapps
** Description changed: Binary package hint: tomcat6 On fresh Ubuntu 10.04 LTS install of tomcat6 6.0.24-2ubuntu1, the /var/lib/tomcat6/webapps has the following permissions: /var/lib/tomcat6/webapps drwxrwxr-x tomcat6 adm 'adm' seems like on odd default choice of group here, since typically people in the adm are allowed to read log files. The following command demonstrates this: $ sudo find / -group adm -ls I suggested fix is to change the group to 'tomcat6', since the directory already has 'r-x' for 'other'. This is not release critical for Lucid, but should be fixed nevertheless. + + == SRU Report == + Impact: + Members of the adm group can modify and deploy tomcat6 webapps. This group is not a tomcat6 admin group, it's a log files reading group. + + Development branch fix: + We are trying to keep sync with Debian, fix was proposed to debian-java SVN and pending release. + + Minimal patch: + http://bazaar.launchpad.net/~ttx/tomcat6/lucid-sru/revision/22 + + TEST CASE: + $ sudo apt-get install tomcat6 + $ ls -ld /var/lib/tomcat6/webapps + Affected version returns: drwxrwxr-x tomcat6:adm /var/lib/tomcat6/webapps + Fixed version returns: drwxrwxr-x tomcat6:tomcat6 /var/lib/tomcat6/webapps + + Regression potential: + Admins might have relied on giving people access to the "adm" group in order to let them deploy tomcat6 webapps, they would need to add their users to the "tomcat6" group instead. -- improper group write permission for /var/lib/tomcat6/webapps https://bugs.launchpad.net/bugs/569118 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to tomcat6 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 569118] Re: improper group write permission for /var/lib/tomcat6/webapps
** Branch linked: lp:~ttx/tomcat6/lucid-sru -- improper group write permission for /var/lib/tomcat6/webapps https://bugs.launchpad.net/bugs/569118 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to tomcat6 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 569118] Re: improper group write permission for /var/lib/tomcat6/webapps
** Also affects: tomcat6 (Ubuntu Lucid) Importance: Undecided Status: New ** Changed in: tomcat6 (Ubuntu Lucid) Importance: Undecided => Low ** Changed in: tomcat6 (Ubuntu Lucid) Status: New => In Progress ** Changed in: tomcat6 (Ubuntu Lucid) Assignee: (unassigned) => Thierry Carrez (ttx) -- improper group write permission for /var/lib/tomcat6/webapps https://bugs.launchpad.net/bugs/569118 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to tomcat6 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs