Have you tried creating a properties file or editing the existing properties file that contains the environment variables associated with launching the app server? I know for the Sun Proxy server you can create a properties page that contains the user that will run the service as well as the ports to which it will bind to. The properties file may be accessed by root, but privs will be dropped to the user defined within the config file.
Tony UcedaVĂ©lez, CISM, CISA, GIAC Managing Partner VerSprite, LLC (office) 678.938.3434 (email) [EMAIL PROTECTED] (web) www.versprite.com -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Crist J. Clark Sent: Monday, April 23, 2007 8:11 PM To: [email protected] Subject: Sun Application Server Drop Privs We're using Sun Java System Application Server 8.1. I know the software is designed so it can be run as a non-root user, but right now, we have to run it as root since it binds to ports 80/tcp and 443/tcp. I've hit SunSolve, docs.sun.com, and Google, but can't seem to find out how to get it to drop privs to a non-root user after grabbing the low-numbered ports. Anyone know how to do this? I'd rather (a) not have this monster run as root if it doesn't have to and (b) not have the web app developers have to get a sys admin to make changes as root for them whenever they want to tweak some file. -- Crist J. Clark | [EMAIL PROTECTED]
