On Tue, May 12, 2020, 19:58 kohmoto <kohm...@iris.eonet.ne.jp> wrote:

> On 2020/05/13 0:47, John Larsen wrote:
> > I wouldnt recommend running tomcat as root
> Actually I run Tomcat as root. Your recommendation seems
> against my practice. It would be appreciated if you would
> advice me about points not running as root

This is not a security practice only for Tomcat, but ANY application
running on a Linux system (or any operating system for that matter).

If TC, running as root, is ever compromised, the compromising user
(attacker) can gain access to the whole of the system.  The attacker could
execute any arbitrary command available on the system.  They could remove
files, or install malicious software.

To limit a compromise, one should run the user of the application with the
least privileges (never as the root user)

Read more here

Limiting privileges can also be beneficial for lessening any inadvertent
damage, for example, to the local filesystem.  Let's say the app creates,
reads, writes, and deletes files.

And let's say the app is about to delete all files in a subdirectory path,
but the URI gets munged and the path to be purged is a system path.

Because the app has root privileges, all those system files will be
removed.    If the TC app is running as a limited user (something
traditional like "tomcat"), those system files will not be deleted.

Reply via email to