Tomcat before 5.0.27-r3 in Gentoo Linux installs its init scripts owned by tomcat:tomcat but executes them with root privileges, which allows local users in the tomcat group to execute arbitrary commands as root by modifying the scripts.
Gentoo has released advisory GLSA 200408-15 and an updated ebuild to address this issue. Users may apply the update by executing the following commands as root:

    emerge sync
    emerge -pv ">=net-www/tomcat-5.0.27-r3"
    emerge ">=net-www/tomcat-5.0.27-r3"
The Gentoo Linux tomcat ebuild contains a flaw that may allow a malicious user who is a member of the tomcat group to gain unauthorized privileges. The issue is triggered when the tomcat server scripts are executed with root privileges, for example during the normal boot process or a service restart. Because these scripts are owned by, and therefore editable by, members of the tomcat group, such a user can insert commands that are then run as root. This flaw leads to a loss of integrity and, in practice, to full root compromise of the host.
Upgrade the Gentoo tomcat ebuild to version tomcat-5.0.27-r3 or higher, which has been reported to fix this vulnerability. Until the upgrade is applied, the flaw can be mitigated with the following workaround:

Change the ownership of the files used by the tomcat init system to root, using the commands

    chown -R root:root /etc/init.d/tomcat*
    chown -R root:root /etc/conf.d/tomcat*

Once the files are owned by root:root, the group permission bits apply to the root group rather than to the tomcat group, so tomcat group members can no longer modify them. Note that the workaround only addresses the installed files: since the ownership is set by the ebuild, re-merging the vulnerable version would restore the insecure ownership, so the updated ebuild remains the proper fix.
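The following audit script is an added example, not part of the GLSA or of the Gentoo ebuild. It checks the files the advisory names (/etc/init.d/tomcat* and /etc/conf.d/tomcat*) for the condition described above, namely a file that the init system runs or sources as root but that a non-root user can edit: owned by someone other than root, group-writable, or world-writable. It reads ownership and mode from `ls -ld`, whose first four fields (mode, link count, owner, group) are laid out the same way on GNU and BSD systems; the function and file names are illustrative choices of this example.

```sh
#!/bin/sh
# Added example (not from the GLSA or the Gentoo ebuild): audit files that are executed
# or sourced as root for ownership or mode bits that let an unprivileged user edit them.

# check_root_script PATH
#   Prints one "PATH: reason" line per problem found.
#   Returns 0 when the file is root-owned and not group/world writable, 1 otherwise.
check_root_script() {
    f=$1
    rc=0
    # ls -ld prints: mode links owner group ... ; we only need fields 1, 3 and 4.
    set -- $(ls -ld "$f")
    mode=$1
    owner=$3
    group=$4

    if [ "$owner" != root ]; then
        echo "$f: owned by $owner, not root"
        rc=1
    fi
    # In the mode string (e.g. -rw-rw-r--) character 6 is the group write bit
    # and character 9 is the world write bit.
    case $(printf '%s' "$mode" | cut -c6) in
        w) echo "$f: group-writable (group $group)"; rc=1 ;;
    esac
    case $(printf '%s' "$mode" | cut -c9) in
        w) echo "$f: world-writable"; rc=1 ;;
    esac
    return $rc
}

# audit_tomcat_scripts
#   Runs check_root_script over the files the advisory's workaround targets.
#   Returns 1 if any of them is editable by a non-root user, 0 otherwise.
audit_tomcat_scripts() {
    failed=0
    for f in /etc/init.d/tomcat* /etc/conf.d/tomcat*; do
        [ -e "$f" ] || continue      # unmatched glob, nothing to check
        check_root_script "$f" || failed=1
    done
    return $failed
}

# Usage: source this file and run `audit_tomcat_scripts`; a non-zero exit status
# means at least one tomcat init or conf file is still editable by a non-root user.
```

Run it before and after the chown workaround: on a vulnerable install it reports the tomcat-owned files, and after the fix it should print nothing and exit 0. Because it only inspects ownership and the group/world write bits, it will not flag a file that is writable by root's own group, which is consistent with the advisory's threat model (members of the tomcat group).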