This is a valuable security feature of unix/linux/solaris/free bsd/etc. Because it impacts tomcat config shouldn't be misinterpreted as some kind of limitation w/ the operating system. Windows may have caught up in some respects, but these type features are why unix/linux/etc are more secure than windows in a server environment.
-----Original Message----- From: Turner, John [mailto:[EMAIL PROTECTED]] Sent: Friday, January 10, 2003 8:04 AM To: 'Tomcat Users List' Subject: RE: difference between apache and tomcat webserver On UNIX/Linux, ports less than 1024 are privileged ports. To run a service on them, you have to run the service as root. Running services as root is generally a bad idea: an exploit like a buffer overflow can allow access to the operating system via that service, and since the service is running as root, the exploiter now has root access. Apache starts up as root, but uses child processes running as a non-root user with (preferably) very limited access to actually serve HTTP and HTTPS requests. Tomcat does not do this, and even though there are security measures built-in to the JVM, many people do not feel comfortable running Tomcat as root on a publicly accessible port like port 80. So, they use Apache on port 80, and "hide" Tomcat "behind" Apache. John > -----Original Message----- > From: Deepa Raja [mailto:[EMAIL PROTECTED]] > Sent: Friday, January 10, 2003 4:38 AM > To: Tomcat Users List > Subject: RE: difference between apache and tomcat webserver > > > Hi Julius > > could you please enlighten me on the following line please. > > 'Feels safer when using port < 1024 on linux/unix.' > > Thanks > Deepa > > -----Original Message----- > From: Julius Davies [mailto:[EMAIL PROTECTED]] > Sent: Thursday, January 09, 2003 10:28 PM > To: Tomcat Users List > Cc: [EMAIL PROTECTED] > Subject: RE: difference between apache and tomcat webserver > > > > krip pane, > > > I was under the impression that apache is needed to > > serve the jsp pages - looks like not. > > Too many people are under that impression. > > > what is the advantage or disadvantage of > > installing/using apache as your webserver and > > installing some connector (i.e. mod_jk) to use with > > tomcat. > > Advantages of using apache with tomcat: > > - Feels safer when using port < 1024 on linux/unix. > - Works together very well with lots of other web stuff (cgi, > perl, php). > - All the extra modules, for example: https. > - Everybody's doin' it. > > Notice that I don't include "speed of serving static files > and images". > This is because, frankly, if you're hosting a dynamic web > site, static files > are the least of your problems. Tomcat is just as fast at > sending a "304 - > Unmodified" response as Apache is, and that's all that matters. > > Disadvantages of using apache with tomcat: > > - Much, much harder to get everything working. As you've > discovered, it > takes about 2 minutes to get Tomcat up and running! You will > spend hours, > if not days, learning to pair Tomcat up with Apache. At > least judging from > this mailing list. I've never done it! > > yours, > > > Julius Davies, Programmer, CUCBC > Email: [EMAIL PROTECTED], Ph: 604.730.6385 > > The contents of this message are my own personal opinions, > and not those of > CUCBC. > > > > -----Original Message----- > > From: krip pane [mailto:[EMAIL PROTECTED]] > > Sent: Thursday, January 09, 2003 2:05 PM > > To: tomcat > > Subject: difference between apache and tomcat webserver > > > > > > All, > > > > I hope I am understanding and asking this answer > > correctly. I recently installed tomcat 4.1 with > > default values and was able to server jsp pages. > > > > I was under the impression that apache is needed to > > serve the jsp pages - looks like not. So the question > > is what is the advantage or disadvantage of > > installing/using apache as your webserver and > > installing some connector (i.e. mod_jk) to use with > > tomcat. > > > > Thanks > > > > __________________________________________________ > > Do you Yahoo!? > > Yahoo! Mail Plus - Powerful. Affordable. Sign up now. > > http://mailplus.yahoo.com > > > > -- > > To unsubscribe, e-mail: > > <mailto:[EMAIL PROTECTED]> > > For additional commands, e-mail: > > <mailto:[EMAIL PROTECTED]> > > > > > > -- > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED]> > > > > > -- > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
