Chad Loder wrote:
> Hello. I have successfully deployed my first test servlet
> using Tomcat as a standalone container. I am concerned with
> the default filesystem permissions given to my servlet
> by Tomcat.
>
> When my servlet is deployed under:
>
> tomcat_dir/webapps/mycontext
>
> the servlet is allowed to create the following directory:
>
> tomcat_dir/mydir
>
> It seems to me that the servlet, by default, should have
> NO filesystem permissions outside of its deployment context.
>
All of the servlets run in a single instance of Tomcat are running
inside a single JVM process, so they all (from the point of view of the
operating system) have a single user identity. Thus, by default, any
servlet has access to any file accessible to the username you are
starting Tomcat under.
>
> Is this behavior by design, and if so, why? :)
>
> Also if so, is there a way to disable it without hacking the
> source code?
>
If you are running version 3.2 of Tomcat on a JDK 1.2 or 1.3 system, you
can set up web applications to run under a Java security manager, which
can be used to limit web app access to files, network ports, the ability
to start threads, and everything else controllable through the Java
security model. There are instructions for setting this up in the
documentation directory.

If you want to try to rely on operating system file permissions, the
best you can do is run multiple instances of Tomcat, each under an
appropriate OS username.
>
> Thanks,
>
> Chad Loder
Craig McClanahan
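
The file-access check that a Java security manager applies, as an added example that is not part of the original thread or of Tomcat's documentation. The grant set is a hypothetical one for a single web application, `othercontext` and `uploads` are constructed names, and the other paths are the placeholders used in the question. It uses only `java.io.FilePermission` and `java.security.Permissions` to show which requests such a grant would cover.

```java
import java.io.File;
import java.io.FilePermission;
import java.security.Permissions;

public class ContextFilePermissionDemo {

    // Convert a '/'-separated placeholder path to the platform's separator.
    static String p(String unixStyle) {
        return unixStyle.replace('/', File.separatorChar);
    }

    // Hypothetical grant set for one web application: it may list its own
    // context directory and read, write and delete anything below it.
    static Permissions grantsFor(String contextDir) {
        Permissions granted = new Permissions();
        granted.add(new FilePermission(contextDir, "read"));
        // A trailing "<separator>-" matches all files and subdirectories, recursively.
        granted.add(new FilePermission(contextDir + File.separator + "-",
                                       "read,write,delete"));
        return granted;
    }

    // With a security manager installed, creating a file or directory is
    // checked as a "write" FilePermission on the target path.
    static boolean allowed(Permissions granted, String target, String action) {
        return granted.implies(new FilePermission(target, action));
    }

    public static void main(String[] args) {
        Permissions granted = grantsFor(p("tomcat_dir/webapps/mycontext"));

        // Constructed requests: inside the context, the directory from the
        // question, another web application, and a file outside webapps.
        String[][] requests = {
            { p("tomcat_dir/webapps/mycontext/uploads"), "write" },
            { p("tomcat_dir/mydir"), "write" },
            { p("tomcat_dir/webapps/othercontext/WEB-INF/web.xml"), "read" },
            { p("tomcat_dir/conf/server.xml"), "read" },
        };
        for (int i = 0; i < requests.length; i++) {
            String verdict = allowed(granted, requests[i][0], requests[i][1])
                    ? "allowed" : "denied";
            System.out.println(requests[i][1] + " " + requests[i][0] + " -> " + verdict);
        }
    }
}
```

In a real deployment the same grant would be written in the policy file the JVM is started with, and the security manager would throw a `SecurityException` for any request the grant does not imply.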