tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From JavaNet developer <j...@javanet.info>
Subject RE: safety deploy in tomcat in a shared enviroment
Date Mon, 04 Feb 2002 10:04:19 GMT

>Hi Micael,
>probably I was unclear. I want to avoid insecure code to being executed.
>Is it useful to run multiple JVM? If yes how... and so on...
>
>I want to make java hosting for unknown java user code, so I need to take 
>attention on system resources and insecure servlet/jsp code.
>I like to provide a sort of secure sandbox for running servlet and jsp to 
>external users.
>What type of restriction I have to make?
>
>
>
>//
>my environment is:
>kernel 2.4 (RedHat o SuSe)
>OpenSSH (opz. OpenSSL)
>Apache 1.3
>Jakarta Tomcat 3.3, Velocity, Turbine, Ant, ORO ....
>JDK 1.3
>MySQL 3.3
>Qmail - Courier IMAP (and other programs like vpopmail .....)
>
>thank you
>Eli
>
>
>
>At 09.02 03/02/2002 -0800, you wrote:
>>Not sure of what sort of security you are trying to develop, Eli.  Be 
>>more specific.  There are lots of available solutions for lots of 
>>differing objectives.  For example, do you just want to avoid hackers, 
>>people jumping into the middle of your site, returns to sensitive pages, etc.?
>>
>>Micael
>>
>>At 06:03 PM 2/3/02 +0100, you wrote:
>>
>>>>Hi to all,
>>>>I need to setup a linux-box to host user application in a safety 
>>>>environment.
>>>>I already read how to setup a Java SecurityManager.
>>>>Is this the only attention I have look for?
>>>>
>>>>If someone had got experience in hosting solution using Tomcat please 
>>>>send me
>>>>a guideline to check for common security problem, or a list of url to 
>>>>look for doc.
>>>>every hints is mostly appreciated.
>>>>
>>>>thank you
>>>>Eli Spizzichino
>>>
>>>
>>>
>>>--
>>>To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
>>>For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
>>>Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>
>>
>>
>>
>>--
>>To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
>>For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
>>Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>



--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>


Mime
View raw message