I posted my reply after your original post, but before your succeeding posts were sent to the list. So, to answer your question: No, because there weren't any but your original.
Tim Funk posted a reply that gives you an overview of how to "downgrade" a JVM process. Did you read that? Ralph Einfeldt posted a reply that suggested using a proxy server or a port mapper. Did you read that? You can also use a web forwarding or URL cloaking service, such as the one at ZoneEdit.com. If you were to use that, you could "cloak" www.host.com:8080 behind www.host.com. Your users would never know the difference. That should be enough to keep you busy for awhile. John > -----Original Message----- > From: Kristjan Rznarsson [mailto:[EMAIL PROTECTED]] > Sent: Thursday, December 05, 2002 9:24 AM > To: Tomcat Users List > Subject: RE: Why run tomcat as root > > > First of did you read any but my original post? , please read > the one I > posted a little later. Hell! for your benifit I will > reproduce it here: > > quote---- > Sorry to tear up the message, I forgot to paste this into my > first one. > > You should also note that if you Run Tomacat as ROOT you may be more > secure against a local user trying to sabotage your Tomcat > but you will be > > vulnerable to malicious manipulations of your servlets. It is > possible for > > somebody use a servelets that give access to files on the > system tomcat > is running on to read local files, provided this person knows > the correct > path. If you run Tomcat as ROOT and you must if you want to > use privileged > > ports, you must be damn sure your firewall is properly > configured and that > > your servelets can not be abused this way. This behaviour > seems to be a > strange peculiarity of Java. Apache for example simply > accesses privileged > > resources as root and then downgrades the process to a less > privileged > level. A Java process however which you started as ROOT in > order to access > > a privileged resource can not be downgraded to a lower privileged > status/level after accessing that resoruce. At least as far > as I know, I > would be happy to find out if it is possible to downgrade the > privileges > of the tomcat process and any of its associated processes > after accessing > privileged ports. > > So the conclusion is that optimally tomcat shoud be started > as root to > access privileged ports and then downgraded by some means to > a on a very > restricted user accunt once it has accessed the privileged > resoruces. This > > allows you to use default ports but the tomcat process will > be running > under the restricted UID, preventing malicious manipulation > of servelets. > quote---- > > > This coin has two sides, on the one hand it his harder to > hack the root > account it self. > On the other hand any publucly available service running > under root is > vulnerable. > > now comes the clincher, about point 2, I KNOW THAT! > > I still have the same friggin problem > > A) I am requiered to use Tomcat standalone. > B) I do not have the option to use apache. > c) I must run tomcat as root to use privileged ports. > D) As far as I know and please enlighten me if I am wrong, > there is no > way, in java, to suid a process down after starting it as > root to access > privleged resources. Unlike Apache which I would be much more > comfortable > using, Tomcat as far as I know, does not offer the > comfortable option of > setting a "working" user and group in the httpd.conf file like Apache > does. > > This leaves me with the option of running apache as a normal user and > setting up some sort of a redirect service that runs as root > which is a > pretty unelegant solution compared to a tomcat that suid's it > self down > after accessing privileged resources. > > Cheers > > KR > -------------------------------------------------------------- > ------------------------------------------ > Follow cigar smoke, find fat man there.... > -------------------------------------------------------------- > ------------------------------------------ > > -- > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
