When the server starts, it re-writes the tomcat-users.xml file, and when it does this, it uses the umask of the underlying process for creating the file. Since my umask is 022, the file is recreated with full read permission even though this permission has been removed from the original file. I tried setting the umask in the startup script to 066, and it's fine. I don't know if this is a bug or not. I personally believe that the server should maintain the permissions on the file when recreating it.
Jason. On Thu, 4 Mar 2004, Shapira, Yoav wrote: > > Hi, > The tomcat server needs to be able to write this file, because the admin > webapp allows for modifications which must be persisted to this file. > If you're not using a Realm based on this file, don't declare one in > server.xml. > > Yoav Shapira > Millennium ChemInformatics > > > >-----Original Message----- > >From: Jason Keltz [mailto:[EMAIL PROTECTED] > >Sent: Thursday, March 04, 2004 11:06 AM > >To: Tomcat Users List > >Subject: permission on tomcat-users.xml file > > > >Hi. > > > >If I set the permissions on the tomcat-users.xml file so that only the > >tomcat user can read the file, I notice that after starting the server, > >the permissions change from mode 600 to 644! Why would this happen, > and > >how can I prevent this from happening? > > > >Thanks, > > > >Jason Keltz > >[EMAIL PROTECTED] > > > > > >--------------------------------------------------------------------- > >To unsubscribe, e-mail: [EMAIL PROTECTED] > >For additional commands, e-mail: [EMAIL PROTECTED] > > > > > This e-mail, including any attachments, is a confidential business communication, > and may contain information that is confidential, proprietary and/or privileged. > This e-mail is intended only for the individual(s) to whom it is addressed, and may > not be saved, copied, printed, disclosed or used by anyone else. If you are not > the(an) intended recipient, please immediately delete this e-mail from your computer > system and notify the sender. Thank you. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
