chmod 600 /var/lib/tomcat4/webapps/axis2
/WEB-INF/conf/axis2.xml
That'll make the file read / writable by only the owner. Other accounts won't be able to access it.
To make it read-only by only the ownew:
chmod 400 /var/lib/tomcat4/webapps/axis2
/WEB-INF/conf/axis2.xml
HTH,
Robert
Hi all,
When I deploy axis2.war in Tomcat, the file
/var/lib/tomcat4/webapps/axis2/WEB-INF/conf/axis2.xml
(where the admin-pass is stored)
is readable by all users on the system.
I'm using Debian sarge (stable).
Am I missing something or is this a serious security issue?
Bram
