tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 22405] New: - deploy as 700 and additional attribute to be less restrictive
Date Thu, 14 Aug 2003 07:28:20 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=22405>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=22405

deploy as 700 and additional attribute to be less restrictive

           Summary: deploy as 700 and additional attribute to be less
                    restrictive
           Product: Tomcat 4
           Version: 4.1.24
          Platform: Other
               URL: http://jakarta.apache.org/tomcat/tomcat-4.1-
                    doc/config/host.html#Automatic%20Application%20Deploymen
                    t
        OS/Version: Other
            Status: NEW
          Severity: Enhancement
          Priority: Other
         Component: Catalina
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: hauser@acm.org


The user managing web applications under tomcat is often root.
Typically root has "umask 755" and this makes sense for many tasks that have to
be accomplished as root.

However web applications often contain passwords to access for example a database.
Therefore, I suggest:
1) make sure that the permissions generated by attributes autoDeploy and
unpackWARs are 700
2) add a "permissions" attribute that allows to 
   i) use the default umask if it is set to "umask"
   ii) set any other octal umask value for this

Mime
View raw message