Fu-Tung Cheng wrote:
Hi,
I have different instances of tomcat running on different ports of the same
machine. The processes are running as different users. In this case could a
user different than the one who launched the process connect to the tomcat
shutdown port and cause the other instance to shutdown?
It seems like I can connect to the shutdown port of the other users' tomcat
instances with telnet so I think it appears likely that I could tell the other
tomcat instance to shutdown.
How do I restrict this to only the user who launched the tomcat process?

As far as I know, you cannot. When a TCP port is "open", any local
process can connect to it, and the receiving port does not "know" who
that is. So, yes, unless you disable that port, anyone on the local
machine could shut down any of your Tomcats.
Telnet is the easiest way, but anyone with a bit of imagination can use
many other ways to do it, too.
Regarding users that are not on the local machine, there are many
possibilities, depending on the kind of host you are running on, to
prevent connections to that port from anywhere except "localhost".
Under Unix/Linux, one way might be tcp-wrappers (look up the files
/etc/hosts.allow and /etc/hosts.deny), but that may depend on whether
Tomcat pays attention to it or not.
You could also disable that connector altogether, but someone else
should comment if this can have unintended consequences (such as
preventing some "tomcat stop" script from working?).
I also seem to remember that it is not enough to just connect to the
port, I believe you must also send some string. If so, it might be
possible to change that string to something not trivial somewhere.
I have always been curious about that feature. Maybe someone on the
list can explain why it exists at all?
André
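An added example, not code from this thread, that checks the point André makes above: it parses a Tomcat server.xml and reports whether the shutdown listener is disabled, bound beyond localhost, or still using the default command string. The attribute names `port`, `shutdown` and `address` are the documented attributes of Tomcat's `<Server>` element; the sample XML is constructed, and treating a missing `port` as 8005 is an assumption taken from the stock server.xml.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the shutdown listener as shipped in a stock server.xml.
STOCK_SERVER_XML = """<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1"/>
  </Service>
</Server>
"""

# Constructed sample: listener disabled, so no local user can reach it.
DISABLED_SERVER_XML = '<Server port="-1" shutdown="SHUTDOWN"/>'

LOOPBACK = {"localhost", "127.0.0.1", "::1"}


def audit_shutdown_listener(server_xml: str) -> list[str]:
    """Return findings for the shutdown listener configured by <Server>.

    port="-1" disables the listener; `shutdown` is the command a client
    must send after connecting; `address` is the interface the listener
    binds (localhost when absent).
    """
    root = ET.fromstring(server_xml)
    if root.tag != "Server":
        raise ValueError("expected <Server> as the root element")
    port = int(root.get("port", "8005"))  # assumption: 8005 as in the stock file
    command = root.get("shutdown", "SHUTDOWN")
    address = root.get("address", "localhost")

    if port == -1:
        return []  # nothing listens, so there is nothing to protect

    findings = []
    if address not in LOOPBACK:
        findings.append(f"listener bound to {address!r}: reachable from other "
                        "hosts, not just localhost")
    if command == "SHUTDOWN":
        findings.append("command string is the well-known default 'SHUTDOWN'")
    # A loopback binding does not distinguish local users: any process on the
    # host can connect, so the command string is the only barrier left.
    findings.append(f"port {port} accepts connections from every local user; "
                    "the command string is the only barrier")
    return findings
```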
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org