Return-Path: Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: (qmail 99219 invoked from network); 1 Feb 2009 20:19:01 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 1 Feb 2009 20:19:01 -0000 Received: (qmail 10762 invoked by uid 500); 1 Feb 2009 20:18:48 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 10725 invoked by uid 500); 1 Feb 2009 20:18:48 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 10712 invoked by uid 99); 1 Feb 2009 20:18:48 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 01 Feb 2009 12:18:48 -0800 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of aw@ice-sa.com designates 212.85.38.174 as permitted sender) Received: from [212.85.38.174] (HELO popeye.combios.es) (212.85.38.174) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 01 Feb 2009 20:18:40 +0000 Received: from [192.168.245.129] (p549E8798.dip0.t-ipconnect.de [84.158.135.152]) (authenticated bits=0) by popeye.combios.es (8.13.8/8.13.8/Debian-3) with ESMTP id n11KIFQ6018167 for ; Sun, 1 Feb 2009 21:18:17 +0100 Message-ID: <49860286.6020500@ice-sa.com> Date: Sun, 01 Feb 2009 21:13:58 +0100 From: =?windows-1252?Q?Andr=E9_Warnier?= User-Agent: Thunderbird 2.0.0.16 (Windows/20080708) MIME-Version: 1.0 To: Tomcat Users List Subject: Re: running tomcat with root user References: <4985739A.5080503@ice-sa.com> In-Reply-To: Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: ClamAV 0.92.1/8933/Sun Feb 1 06:27:00 2009 on popeye.combios.es X-Virus-Status: Clean X-Virus-Checked: Checked by ClamAV on apache.org epicwinter@hotmail.com wrote: > > Thanks for the reply and suggestion , i am doing some heavy reading right now on ACLs. Very interesting, looks like a possible solution. I am doing this on a remote server with one drive so I am a little nervous about making these changes and seeing if it comes back up. I am also concerned if there would be a performance hit. I really wish there was a simpler solution. I wonder how insecure it really would be to run tomcat as root or if there was a way to make it "more" secure > As far as I know, Tomcat itself is very secure and unlikely to do dangerous things by itself. The problem is more at the level of non-Tomcat code which you are going to add to it. If there is a bug in that code, well now you will be running that code as root, which means that there will be little to constrain it if it decides to overwrite /etc/passwd. You could always constrain that code a bit, and activate the "security manager" in the JVM that is running Tomcat. I am no great specialist (nor of Tomcat nor of Java by the way), but as far as I know, that is the kind of situation where the java security manager should help, and it is normally already configured and only needs to be activated. I don't recall where you got your Tomcat from, but if you are under Linux and have used the platform package installer, chances are good that you will find a directory somewhere around /etc/tomcatx/conf.d (or policy.d), where you find some files having entries like : // These permissions apply to all shared system extensions when // ${java.home} points at $JAVA_HOME/jre grant codeBase "file:${java.home}/lib/ext/-" { permission java.security.AllPermission; }; (the above by the way not being something to just copy) I believe you could use it to allow some specific webapps to write to specific places but not outside of that. That of course only works if you run Tomcat as root, it will not allow you to give the Tomcat user more rights than the OS allows to some filesystem place. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org