Data dir included in the .war distribution is wide open for the world to see...
Description
Environment
Activity

codehaus April 10, 2015 at 4:46 PM
CodeHaus Comment From: jdeolive - Time: Wed, 5 Mar 2008 05:41:46 -0600
---------------------
Integrated in geoserver-trunk #375 (See http://gridlock.openplans.org:8080/hudson/job/geoserver-trunk/375/)

codehaus April 10, 2015 at 4:46 PM
CodeHaus Comment From: aaime - Time: Wed, 5 Mar 2008 05:05:56 -0600
---------------------
Tested a different approach which requires fewer modifications: we just stick the file hider servlet on the /data/* path and that effectively hides whatever is in the data dir. The file publisher then exposes just what we want.
This approach is better, Jody made me remember that we moved the data dir out of WEB-INF because otherwise under certain web containers it would have been unreachable (was that JBoss? can't remember).

codehaus April 10, 2015 at 4:46 PM
CodeHaus Comment From: aaime - Time: Wed, 5 Mar 2008 01:42:04 -0600
---------------------
That would require a major change in how GeoServer is started up unfortunately, we'd have to make the Data class an indirection to the actual data class. At the moment Data loads the data dir content during the spring context startup, this basically means, either the data dir is there where it's supposed to be, or GeoServer won't wire up properly and die.
I agree it would be advisable to do what you say, we have to consider it when we rewrite the config and ui subsystem.

codehaus April 10, 2015 at 4:46 PM
CodeHaus Comment From: robsco - Time: Tue, 4 Mar 2008 16:43:03 -0600
---------------------
It would be nice if on deployment GeoServer looked to see if a data dir was installed, and if not provided an option to choose it at the admin screen.
Other requests would throw a meaningful error message of course :)

codehaus April 10, 2015 at 4:46 PM
CodeHaus Comment From: aaime - Time: Tue, 4 Mar 2008 07:34:18 -0600
---------------------
Yeah, 1.6.x already has watermarking in, and I think most of the developers still haven't had a look at it. I would feel better doing an svn copy of 1.6.1 tag into 1.6.2, patch there, and re-release

Basically everyone can see the contents of the data dir besides the services and catalog files that are explicitly hidden.
I'd say we reverse the situation, can we put the data dir into WEB-INF so that it's not visible at all unless we explicitly publish something with the file publisher?
Alternatively, it can stay there, we register the file hider to catch and hide everything in that dir. The file publisher is using paths other than data anyways, no?
(e.g. http://host:port/geoserver/www - http://host:port/geoserver/styles).
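
An added example, not part of the original issue or GeoServer's own code: a Python check over a WAR that reports which top-level directories (such as the data dir discussed here) have no servlet mapping in web.xml and are therefore served as static files by the container. The servlet names `hider` and `publisher` and the sample WAR contents are constructed for illustration.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

def _local(tag):
    # Strip any XML namespace so old and new web.xml schemas both parse.
    return tag.rsplit("}", 1)[-1]

def servlet_mappings(web_xml):
    """Return [(url-pattern, servlet-name)] from web.xml bytes."""
    out = []
    for el in ET.fromstring(web_xml).iter():
        if _local(el.tag) == "servlet-mapping":
            kids = {_local(c.tag): (c.text or "").strip() for c in el}
            out.append((kids.get("url-pattern", ""), kids.get("servlet-name", "")))
    return out

def audit_war(war_bytes):
    """Map each top-level directory outside WEB-INF/META-INF to the servlet
    whose prefix mapping (/dir/* or /*) covers it, or None if no mapping does,
    in which case the container's default servlet serves its files as-is."""
    with zipfile.ZipFile(io.BytesIO(war_bytes)) as war:
        names = war.namelist()
        mappings = servlet_mappings(war.read("WEB-INF/web.xml"))
    prefix = {p[1:-2]: s for p, s in mappings if p.startswith("/") and p.endswith("/*")}
    dirs = {n.split("/", 1)[0] for n in names if "/" in n}
    dirs -= {"WEB-INF", "META-INF"}
    return {d: prefix.get(d, prefix.get("")) for d in sorted(dirs)}

def build_sample_war(map_data_dir):
    # Constructed sample: servlet names and file names are made up.
    mapping = ("<servlet-mapping><servlet-name>hider</servlet-name>"
               "<url-pattern>/data/*</url-pattern></servlet-mapping>") if map_data_dir else ""
    web_xml = ("<web-app>" + mapping +
               "<servlet-mapping><servlet-name>publisher</servlet-name>"
               "<url-pattern>/styles/*</url-pattern></servlet-mapping></web-app>")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as war:
        war.writestr("WEB-INF/web.xml", web_xml)
        war.writestr("data/catalog.xml", "<catalog/>")
        war.writestr("data/coverages/sample.txt", "constructed")
        war.writestr("index.html", "<html/>")
    return buf.getvalue()

if __name__ == "__main__":
    for fixed in (False, True):
        print("mapping on /data/*:", fixed, audit_war(build_sample_war(fixed)))
```

A directory that maps to a servlet is only as hidden as that servlet makes it, so the result shows where requests are routed, not what the servlet returns.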