You can change the perms to be more restrictive so long as the user id of the broker java process can access them.
it makes total sense to have a specific user identity to run the broker and restrict access to just that user for the data directory. There is some support for this in the current activemq script on trunk. See the ACTIVEMQ_USER env property. On 2 May 2012 17:09, justintime <jus...@techadvise.com> wrote: > It really makes me nervous knowing that anyone with any filesystem access to > my ActiveMQ machine can delete, overwrite, or corrupt my KahaDB files. > While we as users should do our best to secure our servers, I don't see why > 666 perms are needed on the db files and 777 perms are needed on the parent > directories. > > Is there a reason why they are created this way by ActiveMQ? Is there a way > to restrict those permissions to something a little more restrictive without > compromising functionality? > > -- > View this message in context: > http://activemq.2283324.n4.nabble.com/World-writable-KahaDB-files-tp4603663.html > Sent from the ActiveMQ - User mailing list archive at Nabble.com. -- http://fusesource.com http://blog.garytully.com
