tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kees Jan Koster <kjkos...@gmail.com>
Subject Re: Pros and cons of readonly UserDatabase (tomcat-users.xml)
Date Thu, 08 Jan 2009 10:11:43 GMT
Dear Petr,

> any comment on this subject? The question is related to OpenSolaris  
> package
> (*) where we have all files owned by root and tomcat is executed with
> dedicated user credentials.
>
> Currently tomcat-user.xml and conf directory is owned by tomcat user  
> but it
> makes some noise in our package auditing.
>
> The question is what is limitation of setting user database as  
> readonly (in
> server.xml) for Tomcat 6.0.18 and having tomcat-user.xml and conf  
> directory
> owned by root.


Does tomcat-users.xml ever have to be written from Tomcat? I routinely  
run with tomcat-users.xml as read-only and it is no problem for me. I  
don't actually use that mechanism at all.
--
Kees Jan

http://java-monitor.com/forum/
kjkoster@kjkoster.org
06-51838192

Human beings make life so interesting. Do you know that in a universe  
so full of wonders,
they have managed to invent boredom. Quite astonishing... -- Terry  
Pratchett


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message