You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by Henri Gomez <hg...@apache.org> on 2002/07/15 18:16:21 UTC

TC 4.1.7 write access on config dir

While packaging tomcat 4.1.7 rpm, and trying to make it as secure as
possible with tomcat running as tomcat4:tomcat4 and owning log/work/temp dir),
I see that it tries to write on conf/tomcat-users.xml.new or conf/jk2.properties,
and to mimic apache httpd server conf is owned by root and in read-only mode.

Any ideas to fix that ?



--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>