On Nov 02, 2007 at 12:50, Armin Fuerst praised the llamas by saying: > > > Servlets should get the temp dir location from the servlet context if they > > need to write temporary files. Trying to create files in the current dir is > > very broken AFAICT, so I don't see that this is a Tomcat bug. Closing. > > This is a good argument, but why make my life as sysadmin more difficult > than necessary? It's not my fault it any servlet wants to write into > this location?
Why not make everything world-writeable? Network daemons should have permission to write to as little as possible. If you want to be more permissive and understand the risks, then you can run a chmod yourself. It's hardly onerous. However, for a default install, tomcat should be as secure as possible. Obviously you should be fixing your servlets and not giving tomcat more permissions than it needs. > If changing the permission is a security issue, I agree, but at least > until now I don't see a disadvantage. > > Armin > > > -- David Pashley [EMAIL PROTECTED] Nihil curo de ista tua stulta superstitione. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
