Hi:
We have a security concern about servlets running as the web server
UID/GID. Also, every developer in the same zone can access all of the
other servlets in that zone, right? This means adding a new zone each time
a new developer wants to do a project on our central server.
I've been looking through the online documents and I see suggestions such
as putting each developer in a separate zone and/or running multiple
JServs. From my point of view as a system manager, this creates a very
complicated system when you have multiple developers using central servers
(which is our case).
There is mention of future changes to JServ to allow control of UID/GID via
the configuration files. Can someone elaborate on this? We currently run
our Apache servers with special UID/GID's and we also use CGIWrap to
restrict what developer's CGI programs can do.
We have three main central web servers and dozens of developers. So far, I
have found this concept of zones and mount points to be very confusing and
difficult to setup. Am I the only one that feels this way? Is this a
design thing driven by the way Java works or what?
Thanks for your help,
Brian S. Wallace
Oak Ridge National Laboratory
P. O. Box 2008, MS 6394
Oak Ridge, Tennessee 37831-6394
Voice (423) 576-3193
Fax (423) 574-5323
http://www-internal.ornl.gov/~xsw/
----------------------------------------------------------------
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Archives and Other: <http://www.working-dogs.com/>
Problems?: [EMAIL PROTECTED]
