tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alan Chaney <a...@compulsivecreative.com>
Subject Re: Apache2 adn/or Tomcat6?
Date Fri, 22 Feb 2008 20:57:22 GMT
Or as I mentioned in a recent email, you can run something like jsvc and 
set the user to 'tomcat' which allows you to bind to the port and then
changes the user.

Regards

Alan


Mark H. Wood wrote:
> I must've missed the place in the documentation where it explains how
> to get Tomcat to start as root, then drop privileges after opening
> listening sockets on low-numbered ports that are only accessible by
> root, like Apache HTTPD does.
> 
> On most Unix-alikes, you have to choose:
> 
> o  tell people to use port 8080 or whatever nonprivileged port you
>    configured;
> 
> o  use a packet-mangling firewall rule to remap port 80 to port 8080
>    or whatever;
> 
> o  place a proxy (such as Apache HTTPD) in front of Tomcat to forward
>    port 80 traffic;
> 
> o  run Tomcat as root, allowing buggy app.s to make arbitrary changes
>    anywhere on your server.
> 
> If I ever have time to do something about that, I'll be sure to submit
> a patch.
> 
> 
> 
> ------------------------------------------------------------------------
> 
> !DSPAM:47bf361642361264652389!

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message