David Smith wrote:
Let's see if I can offer a direct answer. I don't believe tomcat is insecure, but there are always those holes that haven't been found yet and a chance that the bad guys will find them first.
The best practice approach to system security is to run all processes (tomcat included) at the minimum privilege level necessary to function. That way if an as yet unknown vulnerability is discovered and the attacker achieves the same privilege level as the service, he/she still shouldn't be able to get very far. The only benefit I've ever seen to running as root is the ability to bind to privilege ports below 1024 (web port 80 is one of them). In my opinion, not a big enough gain to warrant root privilege on the tomcat process.
Good point - I'm convinced.
I use jsvc which launches as root just long enough to capture the privileged ports necessary and then drops the root privilege to run as tomcat5. Very clean, runs on startup, and I don't have to worry about some unforeseen problem giving an attacker instant root privilege.
I wasn't aware of the jsvc, which answers my needs very well.
Thanks
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
