tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From raga2 <>
Subject RE: Which user executes JSP in Tomcat?
Date Sun, 05 Apr 2009 12:43:35 GMT


Thanks for you reply and advice. Others asked if the JSP is correct, yes it
is, there are no errors displayed. No catch(Exception ex) { /*do nothing*/} 
kind of code either. 

The error logs for Tomcat don't show anything out of the ordinary. 

Is there anyway to tell tomcat to allow IO access to a specific folder? 

Thanks for your help everyone. 

I'm looking through the log files. 

Caldarale, Charles R wrote:
>> From: raga2 []
>> Subject: Re: Which user executes JSP in Tomcat?
>> ps -aef tells me it's root running tomcat.
> That's a really bad thing to do.  You should be running Tomcat under a
> userid that does not give it the privilege to scribble anywhere in the
> file system.  If you need to access ports < 1024, start Tomcat with jsvc,
> or use iptables to redirect the low ports to what's configured in Tomcat.
> Back to your original problem: there's no guarantee that a servlet
> container will allow webapp code to have access to any part of the file
> system, other than a spec-defined work area.  Tomcat usually does allow
> such access, unless you're running with a security manager.  If you're
> trying to use relative paths in your directory and file creation, then
> you're likely trying to write within Tomcat's directory structure, which
> is another Really Bad Thing.  Make sure that wherever you're writing is
> outside of Tomcat.
> (And if you're using a 3rd-party, repackaged version of Tomcat, it's
> anybody's guess where all the pieces of Tomcat are, since the repackagers
> seem to delight in scattering bits of Tomcat all over, and then tying
> things back together with a mess of symlinks - bloody ridiculous.)
>  - Chuck
> MATERIAL and is thus for use only by the intended recipient. If you
> received this in error, please contact the sender and delete the e-mail
> and its attachments from all computers.
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:

View this message in context:
Sent from the Tomcat - User mailing list archive at

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message