-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
George,
On 5/25/19 12:44, George S. wrote:
> A better way to do this would be to setup something like xinetd
> listening on a socket and use a connection to the socket to trigger
> the execution. You can write a configuration/parameters file in a
A better way to do this would be to setup something like xinetd
listening on a socket and use a connection to the socket to trigger the
execution. You can write a configuration/parameters file in a location.
Just a point: when you use runtime.exec on Linux, it does a fork of the
process. That
You are right about your security concerns. I feel obliged to state that
my use-case is perfectly valid and secure, the tomcat instance runs in a
VPN and the sudoers file is properly configured to only allow access to
a single user and a single command.
Anyhow it's the kind of area where you
On 22.05.19 18:31, Christopher Schultz wrote:
> Claude,
>
> On 5/21/19 14:20, Claude Brisson wrote:
> > (responding to myself)
>
> > The culprit is the option
>
> > NoNewPrivileges=true
>
> > in the file
> > /etc/systemd/system/multi-user.target.wants/tomcat8.service
>
> > When changed to false,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Claude,
On 5/21/19 14:20, Claude Brisson wrote:
> (responding to myself)
>
> The culprit is the option
>
> NoNewPrivileges=true
>
> in the file
> /etc/systemd/system/multi-user.target.wants/tomcat8.service
>
> When changed to false, one must
(responding to myself)
The culprit is the option
NoNewPrivileges=true
in the file /etc/systemd/system/multi-user.target.wants/tomcat8.service
When changed to false, one must also call 'systemctl daemon-reload' and
after a tomcat restart, the problem is solved.
Claude
On 21/05/2019
Hi all.
I use tomcat 8.5.39 and java oracle 1.8.0_191 on linux (ubuntu 19.04).
Tomcat was installed by apt-get and runs as a service.
If I open a shell as the tomcat8 user, I can launch a Java program which
successfully executes a sudo command in a sub-process.
But from a Java servlet, the