tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Shapira, Yoav" <Yoav.Shap...@mpi.com>
Subject RE: Tomcat running as root?
Date Fri, 01 Oct 2004 16:42:24 GMT
Hi,

No, don't run Tomcat as root.  Create a special user called whatever you
want with only the bare minimum permissions for running Tomcat.  If
you're running with a port number under 1024, use commons-daemon to
invoke Tomcat, otherwise just run Tomcat normally with this user.
Details on commons-daemon are in the RUNNING.txt and setup.html files in
the docs.

Yoav Shapira
Millennium Research Informatics

-----Original Message-----
From: Rhino [mailto:rhino1@sympatico.ca] 
Sent: Friday, October 01, 2004 12:40 PM
To: tomcat-user
Subject: Tomcat running as root?

 

Our instance of Tomcat (4.1.30) is currently running as root. 

 

Can someone remind me of whether that is the recommended way of running
Tomcat? I can't remember where that would be documented.

 

If root is not the right ID for Tomcat, what should I use? Can anyone
give me (or point me to) instructions for safely changing the ID for
Tomcat?

 

We are running Mandrake 9.1. (At least I think we are! The administrator
was talking about upgrading to Mandrake 10 but I don't know if he's done
it yet.)

 

Rhino
---
rhino1 AT sympatico DOT ca
"There are two ways of constructing a software design. One way is to
make it so simple that there are obviously no deficiencies. And the
other way is to make it so complicated that there are no obvious
deficiencies." - C.A.R. Hoare




This e-mail, including any attachments, is a confidential business communication, and may
contain information that is confidential, proprietary and/or privileged.  This e-mail is intended
only for the individual(s) to whom it is addressed, and may not be saved, copied, printed,
disclosed or used by anyone else.  If you are not the(an) intended recipient, please immediately
delete this e-mail from your computer system and notify the sender.  Thank you.


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message