Re: running tomcat with root user

Sun, 01 Feb 2009 12:18:51 -0800 

epicwin...@hotmail.com wrote:


Thanks for the reply and suggestion , i am doing some heavy reading right now on ACLs.  
Very interesting, looks like a possible solution.  I am doing this on a remote server 
with one drive so I am a little nervous about making these changes and seeing if it comes 
back up.  I am also concerned if there would be a performance hit.  I really wish there 
was a simpler solution.  I wonder how insecure it really would be to run tomcat as root 
or if there was a way to make it "more" secure


As far as I know, Tomcat itself is very secure and unlikely to do 
dangerous things by itself.  The problem is more at the level of 
non-Tomcat code which you are going to add to it.  If there is a bug in 
that code, well now you will be running that code as root, which means 
that there will be little to constrain it if it decides to overwrite 
/etc/passwd.



You could always constrain that code a bit, and activate the "security 
manager" in the JVM that is running Tomcat.  I am no great specialist 
(nor of Tomcat nor of Java by the way), but as far as I know, that is 
the kind of situation where the java security manager should help, and 
it is normally already configured and only needs to be activated.
I don't recall where you got your Tomcat from, but if you are under 
Linux and have used the platform package installer, chances are good 
that you will find a directory somewhere around /etc/tomcatx/conf.d (or 
policy.d), where you find some files having entries like :


// These permissions apply to all shared system extensions when
// ${java.home} points at $JAVA_HOME/jre
grant codeBase "file:${java.home}/lib/ext/-" {
  permission java.security.AllPermission;
};

(the above by the way not being something to just copy)


I believe you could use it to allow some specific webapps to write to 
specific places but not outside of that.
That of course only works if you run Tomcat as root, it will not allow 
you to give the Tomcat user more rights than the OS allows to some 
filesystem place.





---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org























					Reply via email to