Re: Security Best Practices on Windows Service
On 11/5/2014 1:34 PM, Igal @ getRailo.org wrote:
> hi,
>
> what are the security best practices for running Tomcat as a Windows Service?
>
> is the local system account safe or am I better off creating a new user and giving it write permissions only to the Tomcat runtime folders and read permissions to the web contents folder?
>
> TIA

Hi, Igal-

You might consider enabling the Java Security Manager.

-Terence Bandoian

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Security Best Practices on Windows Service
> In my previous employment, we did that. Create a local user account and set permissions to the Tomcat installation directory and optional CATALINA_BASE (if you separated them).

I agree with this (done hundreds of times), and you can set rights with xcacls. However this reminds us that usually the webapps directory must be writable for auto-deployment, as are temp, work and even conf (uploading of META-INF/context.xml to conf/Catalina) directories.

This is good but not sufficient for complete security. For example, one still could exploit a vulnerability and introduce JSPs of his own. Of course this JSP could not write anything outside of TOMCAT_BASE, but your website could be defaced or give a backdoor to a database.

A.T.

2014-11-05 21:19 GMT+01:00 Leo Donahue :
> On Wed, Nov 5, 2014 at 1:34 PM, Igal @ getRailo.org wrote:
>
>> hi,
>>
>> what are the security best practices for running Tomcat as a Windows
>> Service?
>>
>> is the local system account safe
>
> Define safe. LocalSystem has too many privs that a Tomcat service account
> doesn't need in my opinion.
>
>> or am I better off creating a new user
>> and giving it write permissions only to the Tomcat runtime folders and
>> read permissions to the web contents folder?
>
> In my previous employment, we did that. Create a local user account and
> set permissions to the Tomcat installation directory and optional
> CATALINA_BASE (if you separated them). We did not use domain accounts for
> the Tomcat service account because the Tomcat service account did not need
> access to network resources in our setup. Create a strong password.
>
> Leo
Re: Security Best Practices on Windows Service
On Wed, Nov 5, 2014 at 1:34 PM, Igal @ getRailo.org wrote:
> hi,
>
> what are the security best practices for running Tomcat as a Windows
> Service?
>
> is the local system account safe

Define safe. LocalSystem has too many privs that a Tomcat service account doesn't need in my opinion.

> or am I better off creating a new user
> and giving it write permissions only to the Tomcat runtime folders and
> read permissions to the web contents folder?

In my previous employment, we did that. Create a local user account and set permissions to the Tomcat installation directory and optional CATALINA_BASE (if you separated them). We did not use domain accounts for the Tomcat service account because the Tomcat service account did not need access to network resources in our setup. Create a strong password.

Leo
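The dedicated-account setup Leo describes, with the writable directories A.T. lists (webapps, temp, work, conf/Catalina), as an added PowerShell example that is not from the thread. It uses icacls, the current replacement for xcacls, and assumes a hypothetical CATALINA_HOME of C:\tomcat, a local account named tomcatsvc, and a fresh tree with no explicit ACEs on subdirectories.

```powershell
# Added example (not from the thread): give Tomcat's Windows service its own
# low-privilege local account and restrict it to the directories it must write.
# Assumptions (hypothetical): CATALINA_HOME = C:\tomcat, account = .\tomcatsvc.
$CatalinaHome = 'C:\tomcat'
$SvcName      = 'tomcatsvc'
$Svc          = "$env:COMPUTERNAME\$SvcName"

# 1. Local (not domain) account with a strong password; no password expiry so the
#    service does not silently stop. "Log on as a service" is granted automatically
#    when this account is selected on the service's Log On tab in services.msc.
if (-not (Get-LocalUser -Name $SvcName -ErrorAction SilentlyContinue)) {
    $pw = Read-Host -AsSecureString "Password for $SvcName"
    New-LocalUser -Name $SvcName -Password $pw -PasswordNeverExpires `
                  -UserMayNotChangePassword -Description 'Tomcat service account'
}

# 2. Root of the tree: drop inherited ACEs, then grant only Administrators, SYSTEM
#    and read+execute for the service account. Subdirectories inherit this, so
#    bin\ and lib\ stay read-only for Tomcat itself.
icacls $CatalinaHome /inheritance:r `
    /grant:r 'BUILTIN\Administrators:(OI)(CI)F' `
             'NT AUTHORITY\SYSTEM:(OI)(CI)F' `
             "${Svc}:(OI)(CI)RX"

# 3. Write access only where the runtime needs it: temp, work and logs always;
#    conf\Catalina receives context.xml copied from deployed WARs; webapps only
#    while auto-deployment is in use (drop it if you deploy WARs some other way).
$Writable = @('temp', 'work', 'logs', 'conf\Catalina', 'webapps')
foreach ($dir in $Writable) {
    $path = Join-Path $CatalinaHome $dir
    if (-not (Test-Path $path)) { New-Item -ItemType Directory -Path $path | Out-Null }
    icacls $path /grant "${Svc}:(OI)(CI)M"
}

# 4. Verify: print the service account's effective rights on each top-level entry,
#    so a stray Modify on bin\ or lib\ is visible before the service is started.
Get-ChildItem $CatalinaHome | ForEach-Object {
    $p = $_.FullName
    (Get-Acl $p).Access |
        Where-Object { $_.IdentityReference -like "*\$SvcName" } |
        ForEach-Object { '{0,-40} {1}' -f $p, $_.FileSystemRights }
}
```

Run it from an elevated PowerShell before pointing the Tomcat service at the new account; the verification loop should show Modify only for the five directories listed and ReadAndExecute everywhere else.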
Security Best Practices on Windows Service
hi,

what are the security best practices for running Tomcat as a Windows Service?

is the local system account safe or am I better off creating a new user and giving it write permissions only to the Tomcat runtime folders and read permissions to the web contents folder?

TIA

--
Igal Sapir
Railo Core Developer
http://getRailo.org/