Has anyone every implemented the non-root user workaround suggested by Jetty at http://jetty.mortbay.org/jetty/doc/User80.html
-----Original Message----- From: Turner, John [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 05, 2002 8:05 AM To: 'Tomcat Users List' Subject: RE: Why run tomcat as root Tomcat, in and of itself, is not a "web server" as you're using the term. By "web server" I mean the ability to be a web server and bind to privileged port 80. This is not a requirement for a servlet container (servlet spec 2.3 SRV 4.1 says nothing about "a servlet container must have the ability to bind to port 80 as root but serve HTTP requests as a non-root user"). SRV 4 says only that a servlet container should support HTTP 1.1. Actually, it doesn't even really say that. What it actually says is: "The request object encapsulates all information from the client request. In the HTTP protocol, this information is transmitted from the client to the server in the HTTP headers and the message body of the request." In other words, as I understand it, you are welcome to use any sort of request object you like (and by extension, any port you like). If, by chance, you choose to use the HTTP protocol for your request object, then the servlet container should support HTTP 1.1. There's no reason, though, why a servlet container couldn't use a custom protocol and a custom request object. That's the purpose of the various connectors, after all, only one of which is an HTTP connector. You are not forced, either, to run Tomcat as root. You can run Tomcat as any user you like. The restriction of non-root users being unable to bind to privileged ports is a UNIX/Linux security restriction, not a Tomcat (or JVM) security restriction. So, the ability to "step down" from root to a non-root user is a matter of convenience, not a requirement, from a design point of view. Heck, on a Windows platform, due to a design deficiency in Windows, you can run Tomcat as a service on port 80 all you like, as long as the service is running with SYSTEM level privileges (SYSTEM being equivalent to root). So, from a Windows perspective, the ability to switch to a non-root user would be superfluous. ;) Standard open source development nudge: I'm sure the Tomcat team would welcome code contributions and design input from you if you took it upon yourself to write such a feature into Tomcat. John > -----Original Message----- > From: Kristjan Rznarsson [mailto:[EMAIL PROTECTED]] > Sent: Thursday, December 05, 2002 9:44 AM > To: Tomcat Users List > Subject: RE: Why run tomcat as root > > > That is true enough but those sound like workarounds your option #2 > suggests that Apache does not have this vulnerability of > having to run as > root to access privileged ports and I don�t see why Tomcat > should be any > different. I am still fishing for that simple attribute to > be added to > tomcat, or perhaps the JVM? that would enable tomcat to > somehow reduce > its privilege level after accessing privileged resources like > any proper > standalone server should. I may be simplistic but it seems to > me that this > would be a pretty fundamental ability for a standalone server and the > thougth is just mindblowing that theJVM does not offer > something similar. > I find that hard to believe. > > Cheers > KR > > > > > > "Ralph Einfeldt" <[EMAIL PROTECTED]> > 05.12.2002 13:38 > Please respond to "Tomcat Users List" > > > To: "Tomcat Users List" <[EMAIL PROTECTED]> > cc: > Subject: RE: Why run tomcat as root > > > As I said there are at least three options: > - Use tomcat behind a webserver (Apache, IIS) and connect it > with mod_jk* > This is the best documented attempt. > - Use tomcat behind a proxy (Apache, squid, ...). > That means tomcat is still listening on 8080 and the proxy > directs the requests from port 80 to 8080 > - Use Tomcat behind a port mapper > Quite (if you don't look to close) the same solution as the > proxy (iptables) > > > -----Original Message----- > > From: Kristj�n R�narsson [mailto:[EMAIL PROTECTED]] > > Sent: Thursday, December 05, 2002 2:17 PM > > To: Tomcat Users List > > Subject: RE: Why run tomcat as root > > > > But I have not been able to figure out a way to downgrade the > > privileges of the Tomcat process after it has accessed the > privileged > > resources. I have been told that Apache can donwgrade the > > privilege level of processes after they have accessed privleged > resources but > > how do I do this to tomcat? > > > > -- > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
