tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Eric J. Pinnell" <e...@iCky.org>
Subject Re: Run as nonroot user
Date Thu, 10 Jul 2003 18:40:54 GMT
Hi,

In order to open a port < 1024 you must be root.  So you have to be root
to listen on port 80.

You can install sudo access and let them run the start command as root but
by doing so you are giving the webmasters access to run a shell script as
root.  They could edit it and put anything they want in it.  Big time
security hole.

A better solution would be to run apache as a front end and have it
connect to tomcat.  Since tomcat listens on port 8009 a non-privliged user
can stop and start it.  You can just let apache run...  you won't have to
restart it.

-e

On Thu, 10 Jul 2003, [iso-8859-1] Fabricio Machado wrote:

>  Hi guys!
>  I'm just starting work with Tomcat 4.1.24 and I want
> to run it with an unprivileged user.
>  The webmasters are boring me every time they update
> some files in "webapps" directory... they ask me to
> shutdown/startup Tomcat... :-/
>
>  How can I solve this problem ?
>  Some docs ?
>
> thanks,
>
> Fabricio.
>
> _______________________________________________________________________
> Yahoo! Mail
> Mais espaço, mais segurança e gratuito: caixa postal de 6MB, antivírus, proteção
contra spam.
> http://br.mail.yahoo.com/
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message