Luca Gervasi wrote:
Tomcat uses a low privilege user and the system-wide permissions are
thus enforced by OS but...i can still read all the istance-wide files
(tomcat-users.xml, server.xml and any other 644 file).
What is your scenario for running webapps? Are you going to run
third-party untrusted code (free hosting?), or anything else? In most
cases jail/chroot and accout with limited privileges are sufficient enough.
--
Mikolaj Rydzewski <m...@ceti.pl>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
