tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: IPTABLES
Date Wed, 18 Oct 2006 22:43:29 GMT
Chuck,

> P.S. Apache is an organization of open-source developers; httpd is the
> web server product of that organization.

Forgive me... s/(Apache)/\1 httpd/g

>> <flamebait>: Yet another reason to front Tomcat with Apache: access to
>> port 80. I'll have to add that to my laundry list of why I like to use
>> Apache in front of Tomcat. ;) </flamebait>
> 
> Why doesn't httpd have the same problem?  What makes it so special that
> it can use port 80 without privilege?  Are you running httpd as root?

Apache httpd is configured out of the box to start up as root, bind to
port 80 (or really any port), and then drop its privileges to the httpd
user. Without some really nasty code, Tomcat is unable to do the same
thing, so we're forced to do silly things like internal port forwarding,
etc.

What makes Apache httpd so special is that is has access to the standard
C library and the UNIX privilege system ;)

-chris



Mime
View raw message