tomcat on port 80 as user www:ww
Joshua Goodall
joshua at roughtrade.net
Mon May 26 08:08:09 PDT 2003
On Mon, May 26, 2003 at 02:18:47PM +0200, Roberto Nunnari wrote:
> What about running jakarta-tomcat4.1 as user www:www on port 80?
> I don't need apache, so I run tomcat on port 80, but I can only
> run it as root...
>
> Any known security issues with running jakarta-tomcat4.1 as user root?
Let me rephrase that for you.
"Any known security issues with running {APPLICATION} as user root?"
The answer is always yes. Anyone telling you otherwise is not fit
to manage a server. Well-written daemons that listen on privileged
ports change their uid as soon as possible.
Instead, I recommend investigating the possibilities of natd & divert
sockets.
Regards,
Joshua.
More information about the freebsd-java
mailing list