On 12/01/2010 11:55 AM, Gregor Schneider wrote:
Sure, since Apache is usually started within root-context ("sbin") - so that does make sense.
Right but it drops the user to apache if instructed to do so. Even then logs are root owned, and this is security precaution (like with jsvc)
And if you take a look into /var/logs, you can see exactly, that the logs inside this directory partly don't belong to root as long as they are not run within a root-context. A good example ist mysql:
This is not good example. mysql doesn't need to run on privileged port, and if your tomcat doesn't need to run on port 80, and you don't wish to secure your installation why using jsvc at the first place? Regards -- ^TM --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
