You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Sanjaya Singharage <Sa...@jkcs.slt.lk> on 2002/12/05 11:33:40 UTC

Why run tomcat as root

with respect to security what is the best way to run tomcat on linux? I am
running tomcat3.2.3 with apache1.3.26 and mod_jk
1. Run as root?
2. Run as nobody?
3.Run as other user (eg. tomcat)?

why is running tomcat as a certain user more secure than running it as
others?
If this is the appropriate place to ask a question on apache and tomcat,
what would be the answer to the same question regarding running apache and
tomcat together.

thanx.





--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>

Re: Why run tomcat as root

Posted by Tim Funk <fu...@joedog.org>.

Run apache as one id (nobody?)
Run tomcat as another id (tomcat?)

Running as root ... dangerous.

Sanjaya Singharage wrote:
> with respect to security what is the best way to run tomcat on linux? I am
> running tomcat3.2.3 with apache1.3.26 and mod_jk
> 1. Run as root?
> 2. Run as nobody?
> 3.Run as other user (eg. tomcat)?
> 
> why is running tomcat as a certain user more secure than running it as
> others?
> If this is the appropriate place to ask a question on apache and tomcat,
> what would be the answer to the same question regarding running apache and
> tomcat together.
> 
> thanx.
> 


--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>