Hi,
why dont you change "webapps" directory to a empty directory?
And add your wanted applications as context.
Iratxe
-
Iratxe Etxebarria Sainz-Ezkerra
Soporte Middleware ([EMAIL PROTECTED])
External Global Services
Tfno: 946 584 773 / 628 717 3
On 1/3/07, Mikolaj Rydzewski <[EMAIL PROTECTED]> wrote:
David Delbecq wrote:
> And run tomcat within a a dedicated account having limited access to
> system.
>
Are there any people who run tomcat as root? I can't believe!
there are people who run ambigious statement they've seen in some
boards
David Delbecq wrote:
And run tomcat within a a dedicated account having limited access to
system.
Are there any people who run tomcat as root? I can't believe!
--
Mikolaj Rydzewski <[EMAIL PROTECTED]>
smime.p7s
Description: S/MIME Cryptographic Signature
En l'instant précis du 01/03/07 14:07, Mikolaj Rydzewski s'exprimait
dans toute sa noblesse:
> Stephan Schöffel wrote:
>> if someone is able to put a war file into the tomcat installed to
>> your computer he can do probably anything he wants to your computer.
> Use security manager.
>
And run tomca
What is your juridic requirement exactly? That owner can not inject code
in your webapp?
En l'instant précis du 01/03/07 14:04, Stephan Schöffel s'exprimait dans
toute sa noblesse:
> i know this solution is anything but not secure. but the main point
> iin doing this is a juristic question. if some
Stephan Schöffel wrote:
if someone is able to put a war file into the tomcat installed to your
computer he can do probably anything he wants to your computer.
Use security manager.
--
Mikolaj Rydzewski <[EMAIL PROTECTED]>
smime.p7s
Description: S/MIME Cryptographic Signature
i know this solution is anything but not secure. but the main point iin
doing this is a juristic question. if someone is able to put a war file
into the tomcat installed to your computer he can do probably anything
he wants to your computer. but if he is able to do so, this security
break is no
i already altered HostConfig to fit my needs.
just wanted to know if there is a way to disable war-deployment. the way
like using deployXML to prevent tomcat deploy an app based on
context.xml file...
David Delbecq wrote:
En l'instant précis du 01/03/07 13:05, Stephan Schöffel s'exprimait
Hi Stephan,
well, that's awkward.
Even if you are able to disable automatic deployment, anybody knowing
his ways around Tomcat will be able to change the settings again thus
make Tomcat load the other apps :(
my idea would be to write a valve checking which apps are installed:
If any other then
Stephan Schöffel wrote:
the idea of not running other apps in my tomcat has juristic backgound...
IMHO it should be clarified/solved within licensing terms, not within
the software.
In other case, I would run custom embeded tomcat or extend default host
class.
--
Mikolaj Rydzewski <[EMAIL P
that is another problem: i dont want to do that, i have to do that. as a
requirement by my employer. the idea of not running other apps in my
tomcat has juristic backgound...
Mikolaj Rydzewski wrote:
Stephan Schöffel wrote:
the problem is easy: i have to distribute the tomcat with
preinsta
En l'instant précis du 01/03/07 13:05, Stephan Schöffel s'exprimait dans
toute sa noblesse:
> the problem is easy: i have to distribute the tomcat with preinstalled
> apps. i havae to make sure the tomcat only loads apps that i delivered
> with it.
And how is tomcat supposed to make the difference
Stephan Schöffel wrote:
the problem is easy: i have to distribute the tomcat with preinstalled
apps. i havae to make sure the tomcat only loads apps that i delivered
with it. now im trying to delete all ways loading apps. only apps in
dir-structures should be loaded (ie with the deployDirectory
the problem is easy: i have to distribute the tomcat with preinstalled
apps. i havae to make sure the tomcat only loads apps that i delivered
with it. now im trying to delete all ways loading apps. only apps in
dir-structures should be loaded (ie with the deployDirectory() method,
which i alter
Hi Stephan,
the real question here is: what do you want to achieve?
I'm afraid you try to put the cart before the horse
My guess is that you should take a look at what David wrote: Use your
OS to prevent unauthorized access to your file-system.
So I suggest you're letting us know what your
i had a look at those already and tried out different combinations. yet
there is no way (obvious to me) to prevent tomcat from starting war
files. i could use the deployOnStartup attribute but then i would
prevent tomcat from starting apps that are not packed in a war, too. i
had to start them
See http://tomcat.apache.org/tomcat-5.5-doc/config/host.html, the
deployOnStartup, autoDeploy and deployXML properties are probably what
you need to play with.
En l'instant précis du 01/03/07 12:01, Stephan Schöffel s'exprimait dans
toute sa noblesse:
> i do need the write access to the tomcat dir
i do need the write access to the tomcat dirs. but i need tomcat to not
start apps i dont want it to.
David Delbecq wrote:
Is the purpose to prevent users having access to file system from adding
wars to tomcat? If yes, just use the OS to forbid write access to
appBase for any user and also p
Is the purpose to prevent users having access to file system from adding
wars to tomcat? If yes, just use the OS to forbid write access to
appBase for any user and also protect work directory from all users but
tomcat.
En l'instant précis du 01/03/07 11:22, Stephan Schöffel s'exprimait dans
toute
19 matches
Mail list logo
