Actually, aside from the issue of running on a port under < 1024, the idea that Tomcat running as root would make it "easy for your webapp to do things admin applications, servers, and networks from a web interface" is pretty scary. The last thing I want is some developer writing some code they _think_ is pretty cool, only to have it run amok because it had the permission to do so. Like overwriting something in /proc, for example.
I would guess this is also the reason symlinks were turned off by default recently. Having something like Tomcat run in a JVM sandbox, but then allowing a class or JSP page to link out to any other location on a filesystem at will sort of defeats the purpose, especially when Tomcat runs as root. Running everything as root is begging for trouble and a phone call at 2:30 AM because something just got munged up by a rogue process or application. I'll pass. John > -----Original Message----- > From: Qmail List [mailto:edahnke@;earthlink.net] > Sent: Thursday, October 17, 2002 3:03 PM > To: Tomcat Users List > Subject: Re: Best practices question > > > > I have been wondering about this as well. Apache screams and hollers > BIG_SECURITY_HOLE if you compile it with the flags allowing > it to run as > root. > > That said, I love the fact that Tomcat runs as root. It makes > it easy for > your webapp to do things admin applications, servers, and > networks from a > web interface. > > But at what cost? Of course it would be best to run Tomcat as > nobody or > tomcat user or whoever, but if your app needs some root > permission at the OS > level, is it OK to run as root? > > I'd imagine the root OK concept must be due to the underlying > Java, but > can't really see why or how. Anyone know? > > > Great product this Tomcat. Kudos to all involved. > > > > > > ----- Original Message ----- > From: "Turner, John" <[EMAIL PROTECTED]> > To: "'Tomcat Users List'" <[EMAIL PROTECTED]> > Sent: Thursday, October 17, 2002 1:57 PM > Subject: RE: Best practices question > > > > > > I run Tomcat under a separate user account. I avoid > running services as > > root whenever possible. > > > > John > > > > > -----Original Message----- > > > From: Randy Paries [mailto:randy.paries@;unitnet.com] > > > Sent: Thursday, October 17, 2002 1:56 PM > > > To: 'Tomcat Users List' > > > Subject: Best practices question > > > > > > > > > Hello, > > > > > > I was wondering are most people starting tomcat from > root, or are they > > > doing it other ways. > > > > > > What is the suggestion for this. > > > > > > How big are the security issues if started by root > > > > > > Would it be ok to start it by user apache? > > > > > > Thanks > > > > > > > > > > > > -- > > > To unsubscribe, e-mail: > > > <mailto:tomcat-user-unsubscribe@;jakarta.apache.org> > > > For additional commands, e-mail: > > > <mailto:tomcat-user-help@;jakarta.apache.org> > > > > > > > -- > > To unsubscribe, e-mail: > <mailto:tomcat-user-unsubscribe@;jakarta.apache.org> > > For additional commands, e-mail: > <mailto:tomcat-user-help@;jakarta.apache.org> > > > > > -- > To unsubscribe, e-mail: <mailto:tomcat-user-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:tomcat-user-help@;jakarta.apache.org> -- To unsubscribe, e-mail: <mailto:tomcat-user-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:tomcat-user-help@;jakarta.apache.org>
