Le 21/07/2016 à 13:52, Emmanuel Bourg a écrit :
> I don't think any user can start Tomcat, because the init script has to
> switch to the tomcat user at some point and this requires root privileges.

The init.d script also generates the catalina.policy file as read-only
for the tomcat user, and this must be performed as root.


> That said the 'status' option should be usable by anyone. Currently it's
> restricted to the administrator.

This is no longer true with systemd, anyone can run:

    systemctl status tomcat8.service


> Should the tomcat user be allowed to control the daemon? I'm not sure
> this is a good idea, because a simple malicious JSP could then stop the
> server.

Actually a malicious JSP or an exploited vulnerability in a web
application can already stop the server simply by executing 'killall
java' (if the security manager is disabled).

Emmanuel Bourg

__
This is the maintainer address of Debian's Java team
<http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers>. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Reply via email to