tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Barker" <>
Subject Re: TC on port 80: run as root?
Date Tue, 29 Jul 2003 03:38:42 GMT
Apache starts running as root, and binds to port 80 during initialization.
Then to server requests (at least on *nix systems, and the details my very
for Apache 2.0 depending on the MPM), it forks itself.  The child process
then changes it's identity to the non-privileged user.  However, since the
socket was already created, it can continue to use it.

There is jakarta-commons-sandbox/daemon
(  which allows
you to do much the same thing for Tomcat.

"john-paul delaney" <> wrote in message
> Hello List...
> I'm just using the latest release 4.1.24 as my webserver (no apache) with
the intention of generating all (or nearly all) content from a back-end db.
> However I'm worried about starting the server and running as root -
security issues.  How does the apache server use it's own account to run a
service below port 1024?  And can I do similar for my tomcat setup?
> Any leads much appreciated,
> /j-p.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message