tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Martin Gainty" <mgai...@hotmail.com>
Subject Re: Servlet that needs ROOT access
Date Fri, 08 Sep 2006 12:32:33 GMT
Wanted to followup on this as I just added 100 lines of permissions to catalina.policy encountering
a similar error
Tomcat typically runs as the 'nobody' account which as you guessed has very little permissions

my suggestion is to run Tomcat under debug
sh catalina.sh debug
>run org.apache.catalina.startup.Bootstrap

and watch the permission errors multiply 

Note that you will have to grant RuntimePermission to pretty much every non-tomcat jar to
run without exception
as well as DB and Socket I/O
also you'll have to do the same for acquiring and setting environment parameters

HTH,
Martin --
*********************************************************************
This email message and any files transmitted with it contain confidential
information intended only for the person(s) to whom this email message is
addressed.  If you have received this email message in error, please notify
the sender immediately by telephone or email and destroy the original
message without making a copy.  Thank you.



----- Original Message ----- 
From: "Peter Crowther" <Peter.Crowther@melandra.com>
To: "Tomcat Users List" <users@tomcat.apache.org>
Sent: Tuesday, August 01, 2006 8:46 AM
Subject: RE: Servlet that needs ROOT access


> From: Paul McMahon [mailto:pmcmahon@software.plasmon.com] 
> Is it possible to run Tomcat as non ROOT,
> but have a servlet that needs ROOT access?

No.

> Or is the solution to have the servlet application code 
> running as a separate 
> daemon outside tomcat, with some form of comms to tomcat 
> servlet when tasks need to be done?

That would be my preference if I were implementing this.  How much of
your 'servlet application code' *actually* needs root access?  Can you
partition into a small piece that does, and most that doesn't?
Minimising your attack surface in this way would probably be useful.

Can you give us any more information about what you're doing that
requires root?  Does it *have* to require root, or can the requirement
be reduced so that a non-root Tomcat can also do the same thing?  In one
sense this opens up an alternative hole; in another, depending on what
you're doing, that may be better than allowing unrestricted root access
to all tasks.

- Peter

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Mime
View raw message