Project:
View Issue Details[ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
ID | ||||||||
0035115 | ||||||||
Type | Category | Severity | Reproducibility | Date Submitted | Last Update | |||
feature request | [Retail Modules] Mobile Warehouse operations | minor | have not tried | 2017-01-31 18:49 | 2017-03-09 09:31 | |||
Reporter | AugustoMauch | View Status | public | |||||
Assigned To | AugustoMauch | |||||||
Priority | normal | Resolution | fixed | Fixed in Version | ||||
Status | closed | Fix in branch | Fixed in SCM revision | 45991d82e750 | ||||
Projection | none | ETA | none | Target Version | ||||
OS | Any | Database | Any | Java version | ||||
OS Version | Database version | Ant version | ||||||
Product Version | SCM revision | |||||||
Review Assigned To | mtaal | |||||||
Regression level | ||||||||
Regression date | ||||||||
Regression introduced in release | ||||||||
Regression introduced by commit | ||||||||
Triggers an Emergency Pack | No | |||||||
Summary | 0035115: The SymmetricDS config files that are placed in the temporary folder should be deleteable by any user | |||||||
Description | If a user runs the install.symmetric.ds task in a server whose mobile server key is 'Central', the Central_symmetric-ds.properties file will be created. If another user with fewer permissions when runs any other SymmetricDS task, the task will fail because it will not be able to delete the properties file created by the previous user (these files are recreated each time a process is executed). To prevent this, the files should be created so that they can be deleted by any user. | |||||||
Steps To Reproduce | In a multiserver environment: - execute this task in the org.openbravo.replication.symmetricds module: ant ant create.synchronization.properties.file. It will create a propertiles file in /tmp called /tmp/{mobileServerKey}_symmetric-ds.properties - Create a user that belongs to another group. You can create one (user 'test' in group 'test' with this commands: * sudo groupadd test * useradd -g test test - Try to remove the file with the new user: * sudo su - * su - test * rm /tmp/{mobileServerKey}_symmetric-ds.properties. The command will fail with an Operation not permitted error. | |||||||
Tags | No tags attached. | |||||||
Attached Files | ||||||||
Relationships [ Relation Graph ] [ Dependency Graph ] | |
Notes | |
(0093979) hgbot (developer) 2017-02-01 10:50 |
Repository: erp/pmods/org.openbravo.replication.symmetricds Changeset: d8e3a1c71bd71d13a60ec1db0061ab7825b810d6 Author: Augusto Mauch <augusto.mauch <at> openbravo.com> Date: Wed Feb 01 10:50:06 2017 +0100 URL: http://code.openbravo.com/erp/pmods/org.openbravo.replication.symmetricds/rev/d8e3a1c71bd71d13a60ec1db0061ab7825b810d6 [^] Related with issue 35115: Cleanup - removes method that is not used The SynchronizationPropertiesFileBuilder.createEnginePropertiesFileForStoreServer is not needed since the SymmetricDS creation process was refactored a few months ago. --- M src/org/openbravo/replication/symmetricds/util/SynchronizationPropertiesFileBuilder.java --- |
(0093980) hgbot (developer) 2017-02-01 10:50 |
Repository: erp/pmods/org.openbravo.replication.symmetricds Changeset: 6831c6401ef3ecea18a22cc6e412980e194f92c2 Author: Augusto Mauch <augusto.mauch <at> openbravo.com> Date: Wed Feb 01 10:50:14 2017 +0100 URL: http://code.openbravo.com/erp/pmods/org.openbravo.replication.symmetricds/rev/6831c6401ef3ecea18a22cc6e412980e194f92c2 [^] Fixes issue 35115: SymmetricDS config file can be deleted by any user For a file to be deleteable for any user: - The folder where it is contained must have full permissions - The file itself must have at last rw-rw-rw- permissions The permissions are being granted using the Files.setPosixFilePermissions API. --- M src/org/openbravo/replication/symmetricds/util/SynchronizationPropertiesFileBuilder.java --- |
(0094333) mtaal (manager) 2017-02-14 20:34 |
The file is created with read permissions for group and others. It is better from a safety perspective (file contains user/password of the db) to create it only with write permissions for other and group level but without read permissions for other/group. Write permission will allow deleting the file by other users but not allow other users to read the file. |
(0094457) hgbot (developer) 2017-02-20 10:57 |
Repository: erp/pmods/org.openbravo.replication.symmetricds Changeset: 45991d82e7509ee2ce749ba9c3671b1836e7354f Author: Augusto Mauch <augusto.mauch <at> openbravo.com> Date: Mon Feb 20 10:56:51 2017 +0100 URL: http://code.openbravo.com/erp/pmods/org.openbravo.replication.symmetricds/rev/45991d82e7509ee2ce749ba9c3671b1836e7354f [^] Fixes issue 35115: SymmetricDS file permissions are more restricted Read permission has been revoked from the SymmetricDS generated properties file for all groups other than the one of the user who creates the file. The file still can be deleted by any user, because all users still have write access. --- M src/org/openbravo/replication/symmetricds/util/SynchronizationPropertiesFileBuilder.java --- |
(0094849) mtaal (manager) 2017-03-09 09:31 |
Reviewed |
Issue History | |||
Date Modified | Username | Field | Change |
2017-01-31 18:49 | AugustoMauch | New Issue | |
2017-01-31 18:49 | AugustoMauch | Assigned To | => Retail |
2017-01-31 18:49 | AugustoMauch | Triggers an Emergency Pack | => No |
2017-02-01 09:22 | AugustoMauch | Steps to Reproduce Updated | View Revisions |
2017-02-01 09:22 | AugustoMauch | Steps to Reproduce Updated | View Revisions |
2017-02-01 10:50 | hgbot | Checkin | |
2017-02-01 10:50 | hgbot | Note Added: 0093979 | |
2017-02-01 10:50 | hgbot | Checkin | |
2017-02-01 10:50 | hgbot | Note Added: 0093980 | |
2017-02-01 10:50 | hgbot | Status | new => resolved |
2017-02-01 10:50 | hgbot | Resolution | open => fixed |
2017-02-01 10:50 | hgbot | Fixed in SCM revision | => http://code.openbravo.com/erp/pmods/org.openbravo.replication.symmetricds/rev/6831c6401ef3ecea18a22cc6e412980e194f92c2 [^] |
2017-02-01 15:55 | marvintm | Assigned To | Retail => AugustoMauch |
2017-02-12 23:48 | mtaal | Review Assigned To | => mtaal |
2017-02-14 20:34 | mtaal | Note Added: 0094333 | |
2017-02-14 20:34 | mtaal | Status | resolved => new |
2017-02-14 20:34 | mtaal | Resolution | fixed => open |
2017-02-20 10:57 | hgbot | Checkin | |
2017-02-20 10:57 | hgbot | Note Added: 0094457 | |
2017-02-20 10:57 | hgbot | Status | new => resolved |
2017-02-20 10:57 | hgbot | Resolution | open => fixed |
2017-02-20 10:57 | hgbot | Fixed in SCM revision | http://code.openbravo.com/erp/pmods/org.openbravo.replication.symmetricds/rev/6831c6401ef3ecea18a22cc6e412980e194f92c2 [^] => http://code.openbravo.com/erp/pmods/org.openbravo.replication.symmetricds/rev/45991d82e7509ee2ce749ba9c3671b1836e7354f [^] |
2017-03-09 09:31 | mtaal | Note Added: 0094849 | |
2017-03-09 09:31 | mtaal | Status | resolved => closed |
Copyright © 2000 - 2009 MantisBT Group |