On Friday 06 December 2002 05:27, Sanjaya Singharage wrote: > This is a follow up to the post "why run romcat as root" (I meant to say > "why run tomcat as nobody"). > > After reading all the replies. My solution would be to run apache as root > on port 80 and then run tomcat behind the scenes using a connector and > running a user other than root. What I want to know is are there any > security concerns running tomcat as nobody?
Nobody should be an account without any files, this is a security issue. If you do an anonymous FTP login, you should access the system as user nobody. It's just as easy to create an user named tomcat and have this account as owner of all Tomcat files. > Thnak you very much for the previous replies. Regards, Cees. -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
