> From: James H. H. Lampert [mailto:jam...@touchtonecorp.com] > Subject: Re: This is weird: can't bind to 443
> > Binding on ports < 1024 on Linux require elevated permissions, no? > If so, somebody please elaborate. That's a Linux restriction/feature - must be superuser to use the low port numbers. > It currently seems to be running under a user called "tomcat7." That's good. > By contrast, the one we've got running on a local CentOS box runs under root. That's bad. > The installation on the Google Debian instance was via an apt-get, and it put > things in places other than where I was expecting them to be That's a problem with all the 3rd-party repackaged versions of Tomcat. Best to use a real one from tomcat.apache.org. > Any suggestions on what to do about it? You should never run Tomcat under root - that means the webapps have full control of the system. Any webapp bugs open it up to hackers. Take a look at the FAQ for how to avoid that problem: https://wiki.apache.org/tomcat/HowTo#How_to_run_Tomcat_without_root_privileg es.3F - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. -----Original Message----- -- JHHL -- JHHL --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
smime.p7s
Description: S/MIME cryptographic signature
