tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Barker" <wbar...@wilshire.com>
Subject Re: changing user/group tomcat is running as
Date Thu, 27 Nov 2003 07:28:05 GMT
You could check out the commons-daemon jsvc (ships with TC 5.x, but should
work with 4.1.x as well).  It doesn't handle the chroot problem (but, since
Solaris 8, I've almost given up on getting chroot to work).  However, it
does handle the port-binding and then changing uid problem.

"Marten Lehmann" <lehmann@cnm.de> wrote in message
news:3FC52B43.3010006@cnm.de...
> Hello,
>
> after almost comleting Oreilly's "Tomcat - The Definitive Guide", the
> only thing mentioned there about changing the user tomcat is running as
> is to put it into a chroot-environment, whereby the chroot is not as
> important as changing the user and group in the same step. Without doing
> chroot-things, I likewise could use "su tomcat -c ./startup.sh", right?
> But no matter if I use chroot or su to do this, I have the drawback,
> that I can't use port 80 for http nor 433 for https, because access to
> this is restricted to the root user. Is there any way to change the user
> after tomcat has start up like the User and Group directives in
> apache-httpd? Running tomcat as root seems like a security flaw to me. I
> don't want to set up an additional apache-httpd at port 80 and 443 which
> communicates with tomcat on ports > 1023. Any ideas?
>
> Regards
> Marten




---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message