All,
I'm running 4.1.18 on solaris 2.8 - currently without
any problems as id tomcat. But my issue is I've to
give write permission to tomcat on the conf directory
inorder for tomcat to start successfully. Is there any
other way of starting tomcat without giving this
permission, is this a bug?,
I do not see this as a problem. You can lock the Tomcat account (do have
to give it a shell, though) and no one should be able to get into the
account. I use 'sudo' to allow others the ability to start and stop
Tomcat which 'su's to the Tomcat user before executing.
I myself use the Tomcat group,
I'm not sure if I making a correct assumption, but
isn't it possible that someone can exploit the running
tomcat process and gain access as tomcat into the
system (if so, having write permission on the conf dir
is dangerous)
--- Ben Ricker [EMAIL PROTECTED] wrote:
I do not see this as a
