tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Markus Schönhaber <>
Subject Re: tomcat instances on different ports running as different users can anyone shutdown?
Date Thu, 21 Aug 2008 21:58:12 GMT
Christopher Schultz schrieb:

> As Andre points out, there is no way to restrict TCP/IP ports to certain
> users.

Well, "no way" is a bit strong a statement. For example Linux' netfilter 
provides an owner match for locally generated packets. This should be 
usable to indeed create a per-user restriction of access to the shutdown 
But since the OP didn't bother to tell us which OS he's talking about, I 
don't know if that's a solution for him.

Anyway, this

> 1. Change the "shutdown" attribute of the <Server> element ion
> server.xml to something other than "SHUTDOWN". For instance, if you set
> it to "mySUPERsecretPASSWORD", then the user trying to shut down your
> Tomcat would have to know that particular command string in order to
> successfully shut down Tomcat. Making server.xml readable only by the
> user should prevent anyone from discovering the shutdown command string.

or, even better, this

> 2. I have heard that by using jsvc, you can shut down Tomcat without
> having to use the shutdown port /at all/. You can disable the shutdown
> port entirely and simply use jsvc to start/stop your server. I'm not
> sure of the specifics, but I would bet that jsvc has tighter controls
> over who can send SHUTDOWN requests to a running Tomcat instance.

might be easier/better solutions.

OTOH, if it occurred to me that it might be good to somehow restrict the 
possibility to use Tomcat's shutdown port to stop the server, it would 
probably occur to me that it might be even better to rethink whom local 
login rights should be granted on the machine.


To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message