Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Westi on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Problem while writing file

Status
Not open for further replies.
alpaso

alpaso

Programmer
Oct 30, 2003
9
US
I am running Apache 2/Java web application in Solaris 8 under an account that is a member of groups "other" and "nobody".
There is a folder that the web application writes to that has "nobody" as both user and group access (with 755 access). Whenever the application attempts to write a file to these folders the java web application throws the following error:

java.io.FileNotFoundException: <folder_path>/doc_13682 (Permission denied)
java.io.FileOutputStream.open(Native Method)
java.io.FileOutputStream.<init>(FileOutputStream.java:179)
java.io.FileOutputStream.<init>(FileOutputStream.java:131)
nisbic.document.MultipartRequest.readAndSaveFile(MultipartRequest.java:555)
nisbic.document.MultipartRequest.readNextPart(MultipartRequest.java:479)
nisbic.document.MultipartRequest.writeRequestFiles(MultipartRequest.java:339)
DocHandler.uploadOrReplacePic(DocHandler.java:343)
DocHandler.doWork(DocHandler.java:185)
nisbic.util.NisbicServlet.doPost(NisbicServlet.java:356)
javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
javax.servlet.http.HttpServlet.service(HttpServlet.java:810)

where <folder_path> is the folder path

Why should this happen? since the user under which apache is running is already a member of nobody and other?
 
Sort by date Sort by votes
Are you running a java program as a CGI or are you running some application server like JBoss or Websphere, etc? If it's the latter, then it isn't the apache process that needs permission to write the file, it is the app server.
 
Upvote 0 Downvote
Hmm...yeah.. I am running the app under Tomcat.
Here is what I did: I added the Tomcat user to group "nobody". (It is also a member of "other")
and assigned 757 (rwxrwxr-x)permissions to the folder.
Can this cause a security risk?
The application is able to write the files now to the folder.

 
Upvote 0 Downvote
Hmm...yeah.. I am running the app under Tomcat.
Here is what I did: I added the Tomcat user to group "nobody". (It is also a member of "other")
and assigned 775 (rwxrwxr-x)permissions to the folder.
Can this cause a security risk?
The application is able to write the files now to the folder.

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

spamjim
  • Locked
  • Question
Sorting out NTFS filesystem issues
Replies
0
Views
263
spamjim
spamjim
TSch
  • Locked
  • Question
Problem with NFS automount
Replies
1
Views
178
iggsterman
iggsterman
Agent0007
  • Locked
  • Question
Problem Configuring Kerberos
Replies
0
Views
229
Agent0007
Agent0007
kevinds
  • Locked
  • Question
Help With Per File/Folder Restriction Based on HTTPS Client Certificate's CN
Replies
0
Views
155
kevinds
kevinds
theniteowl
  • Locked
  • Question
Extracting specific files from a folder full of tar.gz files and writing them to a sub-folder 1
Replies
2
Views
281
theniteowl
theniteowl

Part and Inventory Search

Sponsor

Back
Top