From 0e9b22e9dcb9c2bc8af6479fd285263b0354c37a Mon Sep 17 00:00:00 2001 From: paul-ion <pentesq@gmail.com> Date: Sun, 17 Mar 2024 14:00:26 -0400 Subject: [PATCH] Run insecureinc as www-data --- insecureinc/Dockerfile.insecureinc | 9 ++++++++- insecureinc/start-insecureinc.sh | 2 ++ 2 files changed, 10 insertions(+), 1 deletion(-) create mode 100644 insecureinc/start-insecureinc.sh diff --git a/insecureinc/Dockerfile.insecureinc b/insecureinc/Dockerfile.insecureinc index 657614f6..f2e2c918 100644 --- a/insecureinc/Dockerfile.insecureinc +++ b/insecureinc/Dockerfile.insecureinc @@ -11,4 +11,11 @@ RUN rm -rf /var/lib/apt/lists/* && \ RUN rm -rf /usr/local/tomcat/webapps/ROOT # Copying insecure-inc-1.0.war from the build_image phase, rest everyting from last phase is discarded COPY --from=build_image /insecureinc/target/insecure-inc-1.0.war /usr/local/tomcat/webapps/ROOT.war -EXPOSE 8080 \ No newline at end of file +COPY start-insecureinc.sh /usr/local/tomcat/start-insecureinc.sh +RUN chmod +x /usr/local/tomcat/start-insecureinc.sh +RUN chown -R www-data:www-data /usr/local/tomcat/logs +RUN chown -R www-data:www-data /usr/local/tomcat/webapps +RUN chown -R www-data:www-data /usr/local/tomcat/work + +EXPOSE 8080 +ENTRYPOINT ["/bin/bash","-c","/usr/local/tomcat/start-insecureinc.sh" ] diff --git a/insecureinc/start-insecureinc.sh b/insecureinc/start-insecureinc.sh new file mode 100644 index 00000000..79cdf7c9 --- /dev/null +++ b/insecureinc/start-insecureinc.sh @@ -0,0 +1,2 @@ +export JAVA_OPTS="-DCHALLENGE_MASTER_SALT=$CHALLENGE_MASTER_SALT" +su - www-data -s /bin/bash -c '/usr/local/tomcat/bin/catalina.sh run' -w JAVA_HOME,JAVA_OPTS \ No newline at end of file