Re: [thredds] thredds v3.16 and symbolic links to catalogues

Hi Knut,

There are a number of places in the TDS where symbolic links may break things. I hadn't realized this one before. The problem has to do with how we make sure malicious (or accidental) URLs with "../" path segments don't get out of the TDS configuration file area (content/thredds). Basically, we call java.io.File.getCanonical{File|Path}() and make sure the result is under content/thredds. Unfortunately, besides dealing with "../" path segments, getCanonicalX() also resolves symbolic links.

Redoing the tracking and validation of the config content is on our list of things to do (and would probably include dealing with symbolic links or making it optional). Unfortunately, it is not currently at (or even very near) the top of the list.

Ethan

Knut Arild Lisæter wrote:
Hi John,

Our "main" catalogue is placed under content/thredds, in that file I have placed a number of links (catalogref) to catalogues which lie in content/thredds/catalogs - we did it this way to keep things "tidy" and it has worked well in version 3.14.

Some of the catalogues under content/thredds/catalogs are symbolic links, and it is for those I get the error messages I mentioned when I switch to version 3.16. Just to test, I tried to copy one of the linked files into content/thredds/catalogs and then it works with 3.16 - so 3.16 seems to be picky about symbolic links.

The solution is obvious, avoid links and copy everything into content/thredds/catalogs, but for various reasons we would like to keep the current setup if possible. If you would like to have a closer look at our setup, go to:
http://topaz.nersc.no/thredds/catalog.html

Hope this made it a bit clearer :-)

Best Regards,
Knut

John Caron wrote:
Hi Knut:

Currently you need to keep TDS config catalogs under content/thredds.

I assume these are "config catalogs", not just other catalogs you want to 
reference from a catref?

By "symbolic link" do you mean you tried to link another directory under 
content/thredds ?? If so,
I'm surprised it won't follow a symbolic link correctly....

Knut Arild Lisæter wrote:
Hi,

I tried to update to thredds version 3.16 today, but it seems that symbolic links to catalogues are not allowed in this version? In logs/catalogErrors.log I get many errors of this type:

initCatalog(): Path <catalogs/mersea-ip-class2-arctic.xml> points outside of content path </home/apache-tomcat-5.5.25/content/thredds/> (skip).

Is there a quick and easy way to allow symbolic links pointing outside of the "content path" ?


Best Regards,
Knut Lisæter
_______________________________________________
thredds mailing list
thredds@xxxxxxxxxxxxxxxx
For list information or to unsubscribe, visit: http://www.unidata.ucar.edu/mailing_lists/

--
Ethan R. Davis                                Telephone: (303) 497-8155
Software Engineer                             Fax:       (303) 497-8690
UCAR Unidata Program Center                   E-mail:    edavis@xxxxxxxx
P.O. Box 3000
Boulder, CO  80307-3000                       http://www.unidata.ucar.edu/
---------------------------------------------------------------------------
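The containment check Ethan describes, next to a purely lexical one, as an added example that is not TDS code and not part of the original messages. The class and method names and the temporary directory layout are assumptions made for illustration; it needs Java 11+ and a file system that allows symbolic links. The canonical check rejects both the "../" path and the symlinked catalogue, while the lexical check rejects only the "../" path, which also means any link under the root can then point at whatever the server process can read.

```java
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;

// Hypothetical demo class, not part of TDS.
public class ContentPathCheck {

    // Check in the style described above: canonicalize, then require the result
    // to sit under the root. getCanonicalFile() collapses "../" segments AND
    // resolves symbolic links, so a link leading outside the root is rejected.
    static boolean underRootCanonical(File root, String rel) throws IOException {
        Path r = root.getCanonicalFile().toPath();
        return new File(root, rel).getCanonicalFile().toPath().startsWith(r);
    }

    // Lexical alternative: normalize() collapses "../" without touching the
    // file system, so symbolic links are not followed or inspected.
    // Path.startsWith compares whole path elements, not string prefixes.
    static boolean underRootLexical(File root, String rel) {
        Path r = root.toPath().toAbsolutePath().normalize();
        return r.resolve(rel).normalize().startsWith(r);
    }

    public static void main(String[] args) throws IOException {
        // Constructed layout: <tmp>/content/thredds/catalogs plus a directory outside it.
        Path tmp = Files.createTempDirectory("tds-demo");
        Path root = Files.createDirectories(tmp.resolve("content/thredds"));
        Path catalogs = Files.createDirectories(root.resolve("catalogs"));
        Path outside = Files.createDirectories(tmp.resolve("elsewhere"));

        Files.writeString(catalogs.resolve("local.xml"), "<catalog/>");
        Path target = Files.writeString(outside.resolve("linked.xml"), "<catalog/>");
        // Symbolic link inside catalogs/ whose target lies outside the root.
        Files.createSymbolicLink(catalogs.resolve("linked.xml"), target);

        String[] rels = {
            "catalogs/local.xml",                      // plain file under the root
            "catalogs/linked.xml",                     // symlink leaving the root
            "catalogs/../../../elsewhere/linked.xml"   // "../" traversal
        };
        for (String rel : rels) {
            System.out.printf("%-42s canonical=%-5b lexical=%b%n", rel,
                    underRootCanonical(root.toFile(), rel),
                    underRootLexical(root.toFile(), rel));
        }
    }
}
```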