-----------------------------
Please read the FAQ!
<http://java.apache.org/faq/>
-----------------------------
"Craig R. McClanahan" wrote:
> Jean-Luc Rochat wrote:
>
> >
> > Paul Holbrook wrote:
>
> > > I have a secure file that only root can access. I want to be able to add
> > > things to that file as a servlet. As I understand, servlets run as
> > > nobody. Any suggestions?
> > >
> >
> > yep,
> >
> > start JServ as root with manual mode = On.
> > Servlet run as nobody because Apache default conf says to do so, and you
> > tell Apache (in jserv.conf, ApJServManual=Off, to start the JVM.
> >
> > Maybe you can create 2 zones, and use 2 JServs :
> > zone1 for all you servlets : you'll start it under user xy (or nobody)
> > zone2 for your ModifyFile servlet. start JServ with enough access rights
> > (maybe user root).
> > Jean-Luc
> >
>
> Running server apps as "root" can also lead to sleepless nights wondering how
> somebody might use it to crack security. One additional thing you might want
> to do is run the "root" JServ under a JDK 1.2 JVM with a security policy that
> only gives it access to the files or other resources it absolutely needs to
> meet your functional requirements.
>
> Craig McClanahan
>
Or create a specific user on the system to run the JVM and add that user to the
group listed in the group permissions of the desired file.
Though I think Craigs idea is better.
John
--
==============================================================================
Beta may be a state of mind
But Alpha is the state of being
me - but inspired be ./ sig
==============================================================================
--
--------------------------------------------------------------
Please read the FAQ! <http://java.apache.org/faq/>
To subscribe: [EMAIL PROTECTED]
To unsubscribe: [EMAIL PROTECTED]
Archives and Other: <http://java.apache.org/main/mail.html>
Problems?: [EMAIL PROTECTED]
