Return-Path: Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: (qmail 14758 invoked from network); 29 Oct 2010 13:19:37 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 29 Oct 2010 13:19:37 -0000 Received: (qmail 29217 invoked by uid 500); 29 Oct 2010 13:19:34 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 29123 invoked by uid 500); 29 Oct 2010 13:19:34 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 29114 invoked by uid 99); 29 Oct 2010 13:19:33 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 29 Oct 2010 13:19:33 +0000 X-ASF-Spam-Status: No, hits=-2.3 required=10.0 tests=RCVD_IN_DNSWL_MED,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of darryl.lewis@unsw.edu.au designates 149.171.97.17 as permitted sender) Received: from [149.171.97.17] (HELO smtp-dist.unsw.edu.au) (149.171.97.17) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 29 Oct 2010 13:19:23 +0000 Received: from INFPACM003.services.comms.unsw.edu.au (INFPACM003.services.comms.unsw.edu.au [149.171.193.26]) by smtp-dist.unsw.edu.au (8.13.6/8.13.6) with ESMTP id o9TDIiCu001739 for ; Sat, 30 Oct 2010 00:18:44 +1100 (EST) X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AsIEAKNmykyVqzrYgWdsb2JhbAChVBUBARYiIrUtiGeDDgGCOQSKU4MOEw X-IronPort-AV: E=Sophos;i="4.58,259,1286110800"; d="scan'208";a="88521693" Received: from unknown (HELO infpwex009.ad.unsw.edu.au) ([149.171.58.216]) by INFPACM003.services.comms.unsw.edu.au with ESMTP; 30 Oct 2010 00:01:30 +1100 Received: from infpwex005.ad.unsw.edu.au (149.171.56.38) by infpwex009.ad.unsw.edu.au (149.171.58.216) with Microsoft SMTP Server (TLS) id 8.2.254.0; Sat, 30 Oct 2010 00:19:01 +1100 Received: from INFPWEC004.ad.unsw.edu.au ([149.171.135.35]) by infpwex005.ad.unsw.edu.au ([149.171.56.38]) with mapi; Sat, 30 Oct 2010 00:18:41 +1100 From: Darryl Lewis To: Tomcat Users List Date: Sat, 30 Oct 2010 00:18:39 +1100 Subject: Re: running tomcat6 under a different user than root (debian) Thread-Topic: running tomcat6 under a different user than root (debian) Thread-Index: Act3XnmYTpn/Am39SUOvSAsfuNsEsgADVMen Message-ID: In-Reply-To: <4CCAB31C.80606@pidster.com> Accept-Language: en-US, en-AU Content-Language: en X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US, en-AU Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Virus-Checked: Checked by ClamAV on apache.org Encrypt the username and passwords using Realm configuration. You should always assume there is the possibility that a user will get access to the system via a badly written program. Whilst they might get som= e system access, you should make it as difficult as possible for them to jump to the next box. If you give read access on server.xml only to root user, it requires that Tomcat is started with root privileges, which is really bad. If a person gets access, they automatically get root privildges. Then entire idea is to make it difficult for a person to get very far quickly. If you run TC as a non-root user, even if they crack the app to get system access, they still have to go further to get root. On 29/10/10 10:42 PM, "Pid" wrote: > On 29/10/2010 12:03, Darryl Lewis wrote: >> No one should, but I had a supplier recommend to run their application a= s >> root. All their scripts and configuration instructions were for running = as >> root. >> Needless to say I didn't run it as that and rewrote their installation >> scripts. >> Now I have to try and convince them that storing the database connection >> username and passwords in plaintext are a bad idea... >=20 > What is the alternative? >=20 > If the config files containing that information are only readable by the > user running Tomcat, and that user doesn't have login access - assuming > you're using the service wrapper script to start up, then the > information is protected, no? >=20 >=20 > p --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org