tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Smith <d...@cornell.edu>
Subject Re: Running tomcat as an unprivileged user with a war file
Date Thu, 22 Feb 2007 19:47:58 GMT
Jim Goodspeed wrote:

> I would like to run tomcat as an unprivileged user for security
> reasons, but
> when my war file is created through Ant it loses all of the
> permissions (as
> it says it will in the Ant manual).  Does anyone know of a way to run
> tomcat
> as an unprivileged user and still use a war file which when it is
> created is
> not accessible to the tomcat user?
>
> I'm wondering if I need to create the war file as the tomcat user or
> maybe
> change the default umask on my build machine - just wondering if
> anyone else
> has run into this.
>
>
> Thanks.
>
Soooo ... setting the privileges on the war file to be readable by
tomcat doesn't work?

Here's how I understand the process:

When you deploy a .war file and tomcat is configured to expand them, the
.war file is expanded to a folder of the same name in the webapps
directory.  In most systems I've ever encountered, the expanded folder
is owned by the tomcat process and therefore has full privileges.  Even
when the .war file isn't expanded to the webapps directory, it's still
expanded to the work directory and all the files are owned by tomcat.

What OS are you running?

--David


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message