Tech Kraft

Documentum, AWS, Java, Ruby on Rails, Linux, Windows, App Servers

Documentum D2: About D2 returns dfc.properties

If you click on the About D2 link, it returns the complete dfc.properties file which may include your servername or ip address. This is a security vulnerability. To resolve this issue, open the D2.war and D2-Config.war files, find the following file:

WEB-INF/lib/D2FS4DCTM-WEB-4.5.0.jar

Open the file above and find the following file:

xml/dialog/AboutDialog.xml
Comment out the lines below:
<tab id="tabDebug" condition_visible="getValue(ctrlKey).notEquals('') &amp;&amp; getValue(altKey).notEquals('')">
                        <memo id="properties" rows="18" wrap="off" condition_enabled="false" assistance_type="java" assistance_java="com.emc.d2fs.dctm.ui.assistances.DebugProperties">

                        </memo>
</tab>
,
chanakya2's avatar

Posted by:

chanakya2

Leave a comment

About Me

Senior Software Engineer professional with over 16 years of success with multiple open source technologies and various Content Management platforms and solutions.

Proven technical abilities through numerous projects involving enterprise web application design and development, application installation, configuration and support, and workflow and collaboration system designs.

  • Ability to learn new technologies and platforms quickly and apply them to the task at hand.
  • Excellent analytical skills, and strong communication and collaboration abilities.
  • Technical emphasis in including but not limited to Java, Ruby on Rails, Documentum and Alfresco
    in both Linux and Windows based environments

Recent Posts

Newsletter