tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kees Jan Koster <>
Subject Re: Pros and cons of readonly UserDatabase (tomcat-users.xml)
Date Thu, 08 Jan 2009 10:11:43 GMT
Dear Petr,

> any comment on this subject? The question is related to OpenSolaris  
> package
> (*) where we have all files owned by root and tomcat is executed with
> dedicated user credentials.
> Currently tomcat-user.xml and conf directory is owned by tomcat user  
> but it
> makes some noise in our package auditing.
> The question is what is limitation of setting user database as  
> readonly (in
> server.xml) for Tomcat 6.0.18 and having tomcat-user.xml and conf  
> directory
> owned by root.

Does tomcat-users.xml ever have to be written from Tomcat? I routinely  
run with tomcat-users.xml as read-only and it is no problem for me. I  
don't actually use that mechanism at all.
Kees Jan

Human beings make life so interesting. Do you know that in a universe  
so full of wonders,
they have managed to invent boredom. Quite astonishing... -- Terry  

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message