tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Francois JEANMOUGIN" <Francois.JEANMOU...@123multimedia.com>
Subject RE: Opinions
Date Fri, 31 Oct 2003 08:34:33 GMT


> No, you're right.  You can make Apache listen on port 80 while running
> as root because it'll change the process' ownership when it opens a
> new
> connection. There is no portable way of doing this in Java; therefore,

Hey! And they call it an advanced language?

> you have to run Tomcat as root if you want to make it listen on port
> 80.
> Of course, that's a major security hole.

Not only, it also masks some bugs (like the JITC one for exemple).

> I always front-end TC with Apache and use mod_proxy to achieve what
> you're doing with iptables.

Well, let me find iptables less resources consuming :).

Fran├žois.

P.S.: One or two trolls are hiding in this message, please do NOT feed!


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message