From 0e9b22e9dcb9c2bc8af6479fd285263b0354c37a Mon Sep 17 00:00:00 2001
From: paul-ion <pentesq@gmail.com>
Date: Sun, 17 Mar 2024 14:00:26 -0400
Subject: [PATCH] Run insecureinc as www-data

---
 insecureinc/Dockerfile.insecureinc | 9 ++++++++-
 insecureinc/start-insecureinc.sh   | 2 ++
 2 files changed, 10 insertions(+), 1 deletion(-)
 create mode 100644 insecureinc/start-insecureinc.sh

diff --git a/insecureinc/Dockerfile.insecureinc b/insecureinc/Dockerfile.insecureinc
index 657614f6..f2e2c918 100644
--- a/insecureinc/Dockerfile.insecureinc
+++ b/insecureinc/Dockerfile.insecureinc
@@ -11,4 +11,11 @@ RUN rm -rf /var/lib/apt/lists/* && \
 RUN rm -rf /usr/local/tomcat/webapps/ROOT
 # Copying insecure-inc-1.0.war from the build_image phase, rest everyting from last phase is discarded
 COPY --from=build_image /insecureinc/target/insecure-inc-1.0.war /usr/local/tomcat/webapps/ROOT.war
-EXPOSE 8080
\ No newline at end of file
+COPY start-insecureinc.sh /usr/local/tomcat/start-insecureinc.sh 
+RUN chmod +x /usr/local/tomcat/start-insecureinc.sh 
+RUN chown -R www-data:www-data /usr/local/tomcat/logs
+RUN chown -R www-data:www-data /usr/local/tomcat/webapps
+RUN chown -R www-data:www-data /usr/local/tomcat/work
+
+EXPOSE 8080
+ENTRYPOINT ["/bin/bash","-c","/usr/local/tomcat/start-insecureinc.sh" ]
diff --git a/insecureinc/start-insecureinc.sh b/insecureinc/start-insecureinc.sh
new file mode 100644
index 00000000..79cdf7c9
--- /dev/null
+++ b/insecureinc/start-insecureinc.sh
@@ -0,0 +1,2 @@
+export JAVA_OPTS="-DCHALLENGE_MASTER_SALT=$CHALLENGE_MASTER_SALT"
+su - www-data -s /bin/bash -c '/usr/local/tomcat/bin/catalina.sh run' -w JAVA_HOME,JAVA_OPTS
\ No newline at end of file