You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Jim Goodspeed <go...@gmail.com> on 2007/02/22 19:19:19 UTC
Running tomcat as an unprivileged user with a war file
I would like to run tomcat as an unprivileged user for security reasons, but
when my war file is created through Ant it loses all of the permissions (as
it says it will in the Ant manual). Does anyone know of a way to run tomcat
as an unprivileged user and still use a war file which when it is created is
not accessible to the tomcat user?
I'm wondering if I need to create the war file as the tomcat user or maybe
change the default umask on my build machine - just wondering if anyone else
has run into this.
Thanks.
Re: Running tomcat as an unprivileged user with a war file
Posted by David Smith <dn...@cornell.edu>.
Jim Goodspeed wrote:
> I would like to run tomcat as an unprivileged user for security
> reasons, but
> when my war file is created through Ant it loses all of the
> permissions (as
> it says it will in the Ant manual). Does anyone know of a way to run
> tomcat
> as an unprivileged user and still use a war file which when it is
> created is
> not accessible to the tomcat user?
>
> I'm wondering if I need to create the war file as the tomcat user or
> maybe
> change the default umask on my build machine - just wondering if
> anyone else
> has run into this.
>
>
> Thanks.
>
Soooo ... setting the privileges on the war file to be readable by
tomcat doesn't work?
Here's how I understand the process:
When you deploy a .war file and tomcat is configured to expand them, the
.war file is expanded to a folder of the same name in the webapps
directory. In most systems I've ever encountered, the expanded folder
is owned by the tomcat process and therefore has full privileges. Even
when the .war file isn't expanded to the webapps directory, it's still
expanded to the work directory and all the files are owned by tomcat.
What OS are you running?
--David
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org