From: mast [mailto:[EMAIL PROTECTED]
Subject: permission on server.xml
Hi, one question i think
exemple we run java with user and group www
server.xml need to be readable for tomcat to work, but each
user that have access to a tomcat account can also read it
with a simple jsp code how
From: mast [mailto:[EMAIL PROTECTED]
Subject: Re: permission on server.xml
I mean with a jsp code you can see/write file can a user
write outside the webapps defined in the server.xml?
Certainly code in a .jsp or servlet can read or write anywhere that
Tomcat's userid is allowed
to deploy an application on
the app server.
From: mast [mailto:[EMAIL PROTECTED]
Subject: Re: permission on server.xml
i ask this because i have already a server with customer
that with a simple jsp code write file into the conf or
bin directory (and the user was under a webapps)
You
From: Eric Haszlakiewicz [mailto:[EMAIL PROTECTED]
Subject: Re: permission on server.xml
Charles, you're missing his point.
Wouldn't be the first time.
His user is not a website user, it's a _tomcat_ user.
I.e. someone that is allowed to deploy an application on
the app server.
You