tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mladen Turk <mt...@apache.org>
Subject Re: New jsvc (commons-daemon-native); catalina.out is owned by root - WTF?
Date Wed, 01 Dec 2010 17:41:31 GMT
On 12/01/2010 11:55 AM, Gregor Schneider wrote:
>>
> Sure, since Apache is usually started within root-context ("sbin") -
> so that does make sense.
>

Right but it drops the user to apache if instructed to do so.
Even then logs are root owned, and this is security
precaution (like with jsvc)

>
> And if you take a look into /var/logs, you can see exactly, that the
> logs inside this directory partly don't belong to root as long as they
> are not run within a root-context.
>
> A good example ist mysql:
>

This is not good example. mysql doesn't need to run
on privileged port, and if your tomcat doesn't need to
run on port 80, and you don't wish to secure your
installation why using jsvc at the first place?


Regards
-- 
^TM

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message