tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Shapira, Yoav" <Yoav.Shap...@mpi.com>
Subject RE: Why does startup of Tomcat 5.0.28 server make tomcat-users.xml world-readable?...
Date Wed, 15 Sep 2004 18:02:00 GMT

Hi,
What if you set the umask for that user to not have world-readable
files?  My guess is Tomcat simply uses the umask of the user that's
running the JVM.

Yoav Shapira
Millennium Research Informatics


>-----Original Message-----
>From: Fred Stluka [mailto:fred@bristle.com]
>Sent: Wednesday, September 15, 2004 1:51 PM
>To: Tomcat Users List
>Subject: Re: Why does startup of Tomcat 5.0.28 server make
tomcat-users.xml
>world-readable?...
>
>Yoav,
>
>I have created a Linux user specifically to run Tomcat.
>That user is the owner of the entire Tomcat directory
>tree, including the tomcat-users.xml file.  The Tomcat
>server process is running as that user.  I agree that that
>600 should be sufficient for Tomcat to read and write
>the file.
>
>No, I have not yet configured a security manager.
>This is pretty much Tomcat 5.0.28 with minimal
>configurations.
>
>--Fred
>-----------------------------------------------------------------------
---
> Fred Stluka -- mailto:fred@bristle.com -- http://bristle.com/~fred/
> Bristle Software, Inc -- http://bristle.com -- "Glad to be of
service!"
>-----------------------------------------------------------------------
---
>
>"Shapira, Yoav" wrote:
>
>> Hi,
>> Tomcat needs to change the file so that it (the Tomcat process) can
>> (over)write it (the tomcat-users.xml file).  But you would think
chmod
>> u+w or g+w would be sufficient, not chmod o+w.  Are you running with
a
>> security manager?
>>
>> Yoav Shapira
>> Millennium Research Informatics
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: tomcat-user-help@jakarta.apache.org




This e-mail, including any attachments, is a confidential business communication, and may
contain information that is confidential, proprietary and/or privileged.  This e-mail is intended
only for the individual(s) to whom it is addressed, and may not be saved, copied, printed,
disclosed or used by anyone else.  If you are not the(an) intended recipient, please immediately
delete this e-mail from your computer system and notify the sender.  Thank you.


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message