You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Josh Knowles <Jo...@worldwidepackets.com> on 2001/12/15 02:34:46 UTC

starting as root but then running as TOMCAT_USER

I downloaded and installed tomcat 4.0.1 from the rpms and have it all
running but it looks like I have to set TOMCAT_USER to root if I want to run
it on port 80.  Is there a way to bind to port 80 using root but then run as
TOMCAT_USER?  I believe Apache does something like this.

Thanks,

Josh

--
To unsubscribe:   <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>

Re: starting as root but then running as TOMCAT_USER

Posted by Jan Labanowski <jk...@osc.edu>.
There is another way (there always is...).

People do not seem to appreciate that this is not a problem if you
want to spend $30 or something on some old 100MHz Pentium PC in a surplus
store in an el chipo computer store  (or go to surplus of some University).

You can install Linux on this, build a firewall, and use DNAT to
make the world believe that it is talking to port 80, while the
Tomcat behind the firewall runs on port 8080. It also protects your
connectors and other things against hackers. You can only win with the
firewall. I will shamelessly advertise my write up on netfilter/iptables at:

    http://www.ccl.net/cca/software/UNIX/netfilter/

check the DSL/DMZ one, but read the first one, if you do not know iptables.
But I also admit that people did better write-ups and I give pointers.

Jan K. Labanowski            |    phone: 614-292-9279,  FAX: 614-292-7168
Ohio Supercomputer Center    |    Internet: jkl@osc.edu 
1224 Kinnear Rd,             |    http://www.ccl.net/chemistry.html
Columbus, OH 43212-1163      |    http://www.osc.edu/


On Fri, 14 Dec 2001, Josh Knowles wrote:

> I downloaded and installed tomcat 4.0.1 from the rpms and have it all
> running but it looks like I have to set TOMCAT_USER to root if I want to run
> it on port 80.  Is there a way to bind to port 80 using root but then run as
> TOMCAT_USER?  I believe Apache does something like this.
> 
> Thanks,
> 
> Josh
> 
> --
> To unsubscribe:   <ma...@jakarta.apache.org>
> For additional commands: <ma...@jakarta.apache.org>
> Troubles with the list: <ma...@jakarta.apache.org>
> 



--
To unsubscribe:   <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>