tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pid <>
Subject Re: running tomcat6 under a different user than root (debian)
Date Fri, 29 Oct 2010 11:42:20 GMT
On 29/10/2010 12:03, Darryl Lewis wrote:
> No one should, but I had a supplier recommend to run their application as root. All their
scripts and configuration instructions were for running as root.
> Needless to say I didn't run it as that and rewrote their installation scripts.
> Now I have to try and convince them that storing the database connection username and
passwords in plaintext are a bad idea...

What is the alternative?

If the config files containing that information are only readable by the
user running Tomcat, and that user doesn't have login access - assuming
you're using the service wrapper script to start up, then the
information is protected, no?


View raw message