I do the same thing and it works great. JBoss runs as a user named "JBoss"
- if you were really worried about hackers, you could probably even run
JBoss chrooted.
David Green
On Thu, 28 Jun 2001, Sebastien Alborini wrote:
> Hi,
>
> tomcat runs on port 8080 as non-root user. We use ipchains to
one out first. I'll RTM on ipchains...
>
> -Original Message-
> From: Jim Archer
> To: [EMAIL PROTECTED]
> Sent: 6/28/01 2:36 PM
> Subject: Re: [JBoss-dev] Jboss site question
>
> Jay, on what operating system? On Linux, running Tomcat (or any other
> web
>
Jay, on what operating system? On Linux, running Tomcat (or any other web
server) as root introduces security problems, yes. When an exploit is
discovered in Tomcat, the consequences are severe if Tomcat runs as root.
If it runs as a no privilidge user such as nobody (or in our case, jBoss
use
s
one out first. I'll RTM on ipchains...
-Original Message-
From: Jim Archer
To: [EMAIL PROTECTED]
Sent: 6/28/01 2:36 PM
Subject: Re: [JBoss-dev] Jboss site question
Jay, on what operating system? On Linux, running Tomcat (or any other
web
server) as root introduces security pro
Hi,
tomcat runs on port 8080 as non-root user. We use ipchains to redirect
traffic on port 80 to 8080 (and to block traffic to unauthorized ports,
such as 8082, 1099)
I would probably do exactly the same with jetty.
Sebastien
On Thu, 28 Jun 2001, Jay Walters wrote:
> In order to listen on
In order to listen on port 80 with tomcat does one need to run Jboss as
root? Does this present a security hazard - does Tomcat have any odd
backdoors. Is jetty any different?
Cheers
Jay
___
Jboss-development mailing list
[EMAIL PROTECTED]
http://lis