Hello! Here is my second question, now concerning Apache+Tomcat integration on Linux: Could someone tell me a reasonable users, groups and file permissions structure for apache, the tomcat-files itself and a typical webapp? - Java security aside.
1. Is it a good idea at all to place the webapps under apache's document root, having to care about all WEB-INF and other sensible directories with "deny from all" ? 2. Which account in which group? Apache needs access to static files somewhere in the webapp. (Which may be very dispersed f.e. in case of cocoon). If a "tomcat" user and the "apache" user account are in the same group with restricted permissions, I can't assign permissions to a group of developers, just another owner (me ;-). Ok, may it be. Additionally, if tomcat unpacks war files, all resulting directories are owned by tomcat alone. So should I put the "apache user into the "tomcat" group? 3.How paranoid must I be about tomcat-files (server-directory f.e)? Tomcat needs write access to some directories, but certainly I don't know all processes tomcat. You probably guess by now that I'm not grown up with Unix-systems. Spent my whole sunday with chmod and chown, now I would be very happy if someone told me something SIMPLE :-) Thank you, Sonja --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
