Qmail List wrote:
Would you really want to do this? Then any webapp developer could do the same. Not to mention that should some bug in Tomcat/Java with buffer overflow appear, you're looking at a "hostile takeover" situation. Not as likely as other servers, but generally speaking, it's there.I have been wondering about this as well. Apache screams and hollers BIG_SECURITY_HOLE if you compile it with the flags allowing it to run as root.That said, I love the fact that Tomcat runs as root. It makes it easy for your webapp to do things admin applications, servers, and networks from a web interface.
But at what cost? Of course it would be best to run Tomcat as nobody or tomcat user or whoever, but if your app needs some root permission at the OS level, is it OK to run as root?
There is SUDO...
If Apache doesn't need (and doesn't like) being run as root, neither should Tomcat. If there are privileged operations, then access to them must be authenticated. And if some specific user, with a user/pass, can access a privileged operation, so can Tomcat.I'd imagine the root OK concept must be due to the underlying Java, but can't really see why or how. Anyone know?
You should think not in terms of "how to hack this in", but in terms of security/service framework. There are some services that are privileged and access to them has certain rules which have to be implemented, not circumvented.
Nix.
--
To unsubscribe, e-mail: <mailto:tomcat-user-unsubscribe@;jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@;jakarta.apache.org>
