tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Shapira, Yoav" <>
Subject RE: Why does startup of Tomcat 5.0.28 server make tomcat-users.xml world-readable?...
Date Wed, 15 Sep 2004 18:48:16 GMT


>However, I still wonder:
>1.  Why does Tomcat re-write the tomcat-users.xml file at
>     startup?

This I already answered: Tomcat rewrites the tomcat-users.xml at startup
to ensure it has permissions on it, because the admin webapp must have
these permissions to allow editing of user information.

>2.  Why does it use the umask value instead of just leaving
>     the protections as they were before it updated the file?

This is the default behavior: we don't modify anything and
don't want to have platform-specific or native code in Tomcat.  If you
look at the JavaDoc, you'll see there's no portable way to
control this.

>3.  Isn't this a problem for most Tomcat installations, since
>     without the umask I had applied to my tomcat user, the
>     default umask is 002, not 022, so the tomcat-users.xml
>     file would be changed to 664, not merely 644, at each
>     startup?  Seems like the default Tomcat behavior
>     introduces a security risk.

Judging by the fact this is raised about once a year on the mailing
list, I'd say the majority of people don't care.  Secure installations
take care with their umasks from the beginning, so for them this is not
an issue.


This e-mail, including any attachments, is a confidential business communication, and may
contain information that is confidential, proprietary and/or privileged.  This e-mail is intended
only for the individual(s) to whom it is addressed, and may not be saved, copied, printed,
disclosed or used by anyone else.  If you are not the(an) intended recipient, please immediately
delete this e-mail from your computer system and notify the sender.  Thank you.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message