that it is possible to do this in server.xml.
2) Supposedly it is posseble to supress the listing for a single sub
directory of the webapps directory but not others using web.xml. How?
3) Supressing certain items in the directory listing but not others.
Mvh
Kristján Rúnarsson
Sanjaya Singharage [EMAIL PROTECTED]
05.12.2002 10:33
Please respond to Tomcat Users List
To: [EMAIL PROTECTED]
cc:
Subject:Why run tomcat as root
with respect to security what is the best way to run tomcat on linux? I am
running tomcat3.2.3 with
Sorry to tear up the message, I forgot to paste this into my first one.
You should also note that if you Run Tomacat as ROOT you may be more
secure against a local user trying to sabotage your Tomcat but you will be
vulnerable to malicious manipulations of your servlets. It is possible for
a connector, a port mapper or a proxy and use a user with the
least possible rights.
-Original Message-
From: Kristján Rúnarsson [mailto:[EMAIL PROTECTED]]
Sent: Thursday, December 05, 2002 1:34 PM
To: Tomcat Users List
Subject: Re: Why run tomcat as root
The Root account is also
First of did you read any but my original post? , please read the one I
posted a little later. Hell! for your benifit I will reproduce it here:
quote
Sorry to tear up the message, I forgot to paste this into my first one.
You should also note that if you Run Tomacat as ROOT you may be more
the requests from port 80 to 8080
- Use Tomcat behind a port mapper
Quite (if you don't look to close) the same solution as the
proxy (iptables)
-Original Message-
From: Kristján Rúnarsson [mailto:[EMAIL PROTECTED]]
Sent: Thursday, December 05, 2002 2:17 PM
To: Tomcat Users List
this
is if something happens to the port 80 and you must reopen it - the
whole JVM needs restarted.
Kristján Rúnarsson wrote:
I know, I accidentally posted that message before completing it, I
posted
the rest of it seperately.
I have heard alot of people expressing concer about this behavior
Kristján Rúnarsson, Tæknifræðingur, BSc.Eng. (Hons)
-
Íslandssími, Sóltún 26, 105 Reykjavík,
Iceland
GSM: 8200222
E-mail: kristjan.runarsson@SpamTag-RemoveThisislandssimi.is
for apache.
-Tim
Kristján Rúnarsson wrote:
So in summary, if I read you right, you are saying that java processes
can
not fork kids that run under another UID as the parent process?
If that is true, this whole situation sux ass and it should not be
possible to run Tomcat as ROOT at all which would
Is there any way of keeping track of people that contact a site? I have
had problems with people writing automated scripts to abuse a JSP based
service. What they basically do is to write a script that fakes a http
request sequence, pretending it is a browser like IExporer or Netscape. I
Those ports you mentioned are privileged ports, I think you can only use
them if you have ROOT rights (UNIX) or admin rights (Windoze NT/2000), if
you don't have root rights I don´t think Tomcat can bind to a privileged
port. Do you start Tomcat as ROOT?
Mvh
KR
--
To unsubscribe, e-mail:
I have been studying the Manager utility of Tomcat 4 and discovered that
it is possible to add contexts for webapps here just like in the Admin
utility in tomcat 3.x. If I add a context for my WebApplication with the
Manager's install command the WebApp also works.
What bothers me is that in
Hello everybody!
How does that servers.xml tie in with the :
Context path=/foo docBase=foo ... snip ... /
ServeletContext/Context-tags?
I am trying to port somebody elses (Grrr. no docu) webapps from
Tomcat 3.2.1 to Tomcat 4.0.6 and so far I have figured out that 4.0.6
Ist there a webinterface for Tomcat and where can I get it (if such an
animal exists that is)?
Greetings and Salutations
Kristjan Runarsson
--
To unsubscribe, e-mail: mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Hello Kristján,
http://localhost:8080/admin/
http://localhost:8080/manager/html
Boy do I feel stupid now! :-)
And where/how pray tell do I set the Passwd?
Is there no proper online ,blow by blow, tutorial for Tomcat? Their own
documentation is not very well structured.
Cheers
KR
--
To
First off Hello everybody!
I have been given the task of migrating from Tomcat 3.2.1 to 4.0.6. After
a lot of cussing I finally noticed that reference to port 8008 at the very
end of the server.xml and changed it to an unused port which means that I
have finally managed to get both the 3.2.1
First off thanx for the reply!
did you create a 'foo' context in server.xml?
No I just changed the ports in the example file that came with Tomcat
4.0.6 because the diff between it and the on for the 3.2.1 server seemd
too great. I suspect I am getting the server.xml configuration wrong.
17 matches
Mail list logo
