If tomcat downgrades itself - all open sockets should be allowed to be continued to be used by it. Weblogic does this (in my observation of using it).
Apache runs the way you describe below. (from my understanding of apache that is)
Kristj�n R�narsson wrote:
<snipped />
How is the JVM implemented? Take tomcat for example. Is tomcat a:
a thread of the JVM proces a proper child process of the JVM??
something else??
Also If a java equivalent of setuid() existed would a Tomcat process who after the downgrade has restricted rights still be able to use the privileged ports after a UID downgrade?
They way I understood you on the subject of the internal architecture of Apache, and keep in mind I have not read the source code back to front, is that there is that Apache is not a single process that downgrades its UID. What happens is that a tiny stub of Apace code runs as root, and all it does is fork non privileged kids to do the work.
cheers
KR
-- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
