I must've missed the place in the documentation where it explains how
to get Tomcat to start as root, then drop privileges after opening
listening sockets on low-numbered ports that are only accessible by
root, like Apache HTTPD does.
It's called the commons-daemon project. The linux compiled runtime of
this project is jsvc.
http://commons.apache.org/daemon/
--David
Mark H. Wood wrote:
I must've missed the place in the documentation where it explains how
to get Tomcat to start as root, then drop privileges after opening
listening sockets on low-numbered ports that are only accessible by
root, like Apache HTTPD does.
On most Unix-alikes, you have to choose:
o tell people to use port 8080 or whatever nonprivileged port you
configured;
o use a packet-mangling firewall rule to remap port 80 to port 8080
or whatever;
o place a proxy (such as Apache HTTPD) in front of Tomcat to forward
port 80 traffic;
o run Tomcat as root, allowing buggy app.s to make arbitrary changes
anywhere on your server.
If I ever have time to do something about that, I'll be sure to submit
a patch.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
