Run it as a daemon then you can run it as a non root user with permissions on port 80
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: 14 October 2004 15:20 To: Tomcat Users List Subject: RE: mod_jk2 Ready/Recommended For Production? Yes for static, but what about port 80? John > Dangerous. > > You should run tomcat as a non-root user, no login, no shell. The reason > Apache is involved is because we want Apache to serve static pages. > > -----Original Message----- > From: Mike Millson [mailto:[EMAIL PROTECTED] > Sent: October 14, 2004 9:58 AM > To: Tomcat Users List > Subject: Re: mod_jk2 Ready/Recommended For Production? > > > On Thu, 2004-10-14 at 05:56, Antony Paul wrote: >> Do you mean Apache dont have any security holes. I dont know about >> hacking a system. But in terms of security Tomcat is far better than >> Apache since it dont have any security vulnerabilities. >> > > But if you run tomcat standalone, you have to run tomcat as root. Apache > does not run as root, so if you run Apache in front of tomcat, you can > avoid > exposing the root account. > > Mike > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > !DSPAM:416e85e7242988496385758! > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Any opinions expressed in this E-mail may be those of the individual and not necessarily the company. This E-mail and any files transmitted with it are confidential and solely for the use of the intended recipient. If you are not the intended recipient or the person responsible for delivering to the intended recipient, be advised that you have received this E-mail in error and that any use or copying is strictly prohibited. If you have received this E-mail in error please notify the beCogent postmaster at [EMAIL PROTECTED] Unless expressly stated, opinions in this email are those of the individual sender and not beCogent Ltd. You must take full responsibility for virus checking this email and any attachments. Please note that the content of this email or any of its attachments may contain data that falls within the scope of the Data Protection Acts and that you must ensure that any handling or processing of such data by you is fully compliant with the terms and provisions of the Data Protection Act 1984 and 1998.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]