tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Thomas <>
Subject Re: UserDatabase & security
Date Fri, 18 May 2007 11:14:14 GMT
Jerome Benezech wrote:
> Is there a way to ensure that only the root user can
> read this file ?

Not quite root only but it will meet your requirement...

Run Tomcat under a security manager. That way, webapps don't have
access to files outside the docBase without explicit permissions being

This also protects from applications calling System.exit() and a host
of other issues.


To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message