Anyone know why starting the Tomcat 5.0.28 server on Linux makes the configuration file tomcat-users.xml world-readable? I had it set to permissions 600, but starting the server changes it to 644.
This seems like a security hole since any user of the system can read the plaintext passwords. Any thoughts? Thanks! --Fred -------------------------------------------------------------------------- Fred Stluka -- mailto:[EMAIL PROTECTED] -- http://bristle.com/~fred/ Bristle Software, Inc -- http://bristle.com -- "Glad to be of service!" -------------------------------------------------------------------------- --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
