tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mikolaj Rydzewski <m...@ceti.pl>
Subject Re: WEB-INF/classes vs WEB-INF/lib/classes.jar file
Date Fri, 06 Feb 2009 11:18:17 GMT
André Warnier wrote:
> start)
>   su - tomcatuser -c "/var/lib/jvm/java $CONFIDENTIAL_SETTINGS -jar  
> ...."
All of your 'confidential settings' will be visible to all users with 
one command:

ps aux

There're ways to restrict such listing to only your processes. But 
anyway, command line arguments are not a good place to specify 
confidential values.

In my opinion there're mostly two cases:

1.
Customer doesn't know anything, or knows very little about passwords, 
architecture, etc. So you usually embed such information in some kind of 
configuration file (web.xml or some other properties file), etc. In 
short words: you know all the details, but you will not break/steal 
customer's service/data.

2. Customer is security-aware. So either he isn't your customer anymore 
;-) Or you do not have any access to his infrastructure. You're forced 
to use JNDI resources so you usually do not need any 
usernames/passwords. Even if, username is useless without access to 
customer's infrastructure. Finally, his team will review war file before 
deploy anyway.


In my opinion it is mush simpler, more secure to have just another 
tomcat installation, dedicated for one special-and-important 
application, run by dedicated user, than to mess with some strange JVM 
startup options.



-- 
Mikolaj Rydzewski <miki@ceti.pl>


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message