I do not see this as a problem. You can lock the Tomcat account (do have to give it a shell, though) and no one should be able to get into the account. I use 'sudo' to allow others the ability to start and stop Tomcat which 'su's to the Tomcat user before executing.
I myself use the Tomcat group, of which Tomcat is the only member, and apply root ownership to everything. You also need to make sure your WEB-INF is not in your docbase. HTH, Ben Ricker On Tue, 2003-03-11 at 13:20, krip pane wrote: > All, > > I'm running 4.1.18 on solaris 2.8 - currently without > any problems as id "tomcat". But my issue is I've to > give write permission to tomcat on the conf directory > inorder for tomcat to start successfully. Is there any > other way of starting tomcat without giving this > permission, is this a bug?, has it been addresses in a > different release. > > Thanks > > __________________________________________________ > Do you Yahoo!? > Yahoo! Web Hosting - establish your business online > http://webhosting.yahoo.com > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] -- Ben Ricker <[EMAIL PROTECTED]> Wellinx.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
