I had already found and used the ACTIVEMQ_USER variable in the init script, and it's working properly.
Thanks for confirming things will work fine by tightening down those permissions. I can't help but think this is at least a bug, if not a security issue. In the interest of least privileges, shouldn't the code in the JVM create the files using whatever the default umask on the system is instead of granting everyone access by default? I have to admit that I haven't confirmed in the code where this file creation is happening to know for sure that the code is explicitly setting world-writable permissions, so if I'm missing something, please let me know. Thanks! Justin -- View this message in context: http://activemq.2283324.n4.nabble.com/World-writable-KahaDB-files-tp4603663p4605059.html Sent from the ActiveMQ - User mailing list archive at Nabble.com.
