Pier,

I won't make commercials anymore for running as root, just to keep you
happy..
Maybe adding some extra info to the mod_jk.html howto about accessibility of
the 8007 and 8009 ports if you don't change the defaults (you have to
specifically tell it to only accept requests from address 127.0.0.1). Switching
that address thing in the standard distro will improve security a lot..
telnetting to those ports is a big security risk for your webapp (at least
in my point of view..). Since people don't read their entire config files
all the time (me included btw..) and it isn't mentioned in the
mod_jk-howto.html (the one in cvs..) and other documentation it's better to
deliver it a bit more secure than it is delivered now.. (talking about tc 33
now, didn't check the other tc's for those docs and problems).
If you say it is written in some kind of hidden doc somewhere (server.xml is
not a doc) then that is really not sufficient enough to point out to people
that they have a potential big problem when they don't change those
settings.. (it just says if you want to bind it to a specific network
interface blahblah..)

Maybe I'm wrong about this, then just let me know..
Please flame me if I missed something obvious, but a grep -r "address"
didn't give me any info on security issues involved in not setting that
thing..

>
> Let's try to be a LITTLE BIT security conscious here...
>

Maybe you're just having a bad day??
Let's start with the security tomcat can give by default instead of whining
about os security administration.. My answer in tomcat-user explicitly is
pretty self-explanatory:

> Please tell me what is dangerous about running tomcat as root? I've
> taken the following security measures :
> port 8007 and 8009 is blocked from the outside (firewall)
> tomcat is not running on 8080 and only allowing communications from
> localhost (127.0.0.1).
The only potential problem is that if a tomcat /apache bug is exploited, you
potentially have a problem.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Maybe combining a little bit of the input a lot of people gave will end up in
a more secure tomcat and some nice docs.. JUST saying that you're gonna flame
everybody who says that running tomcat as root isn't bad is like saying to a
soccer goalkeeper it is ok to let the ball through, because the net protects
the other team from scoring.. If the keeper knows the rules a bit better he
will try to catch the ball anyway (=protecting the Interceptors). When he
didn't catch 20 balls, he is probably gonna train a bit more and get
familiar with catching the ball (=su-ing processes).

A nice little story about soccer ;-))


Mvgr,
Martin
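
An added example, not part of Martin's message or of the Tomcat distribution: a small audit that reads a server.xml-style file and reports listeners on ports 8007 and 8009 that are not restricted to a loopback address. The ports and the `address` setting come from the message; the element names and the sample configuration are constructed for illustration.

```python
import ipaddress
import xml.etree.ElementTree as ET

AJP_PORTS = {8007, 8009}  # the default ports named in the message

# Constructed sample; element names are hypothetical, not copied from a real server.xml.
SAMPLE_CONFIG = """
<Server>
  <Connector name="ajp12" port="8007"/>
  <Connector name="ajp13" port="8009" address="127.0.0.1"/>
  <Connector name="ajp13-lan" port="8009" address="192.168.1.10"/>
  <Connector name="http" port="8080"/>
</Server>
"""

def classify(address):
    """Return 'loopback', 'all-interfaces' or 'exposed' for an address attribute."""
    if address is None or address.strip() == "":
        return "all-interfaces"      # no address set: listener is not restricted
    address = address.strip()
    if address.lower() == "localhost":
        return "loopback"
    try:
        ip = ipaddress.ip_address(address)
    except ValueError:
        return "exposed"             # unresolved hostname: not proven to be local
    if ip.is_unspecified:
        return "all-interfaces"      # 0.0.0.0 or :: is an explicit wildcard bind
    return "loopback" if ip.is_loopback else "exposed"

def audit_connectors(xml_text, ports=AJP_PORTS):
    """List (tag, port, address, verdict) for watched ports not bound to loopback."""
    findings = []
    for elem in ET.fromstring(xml_text).iter():
        port = elem.get("port")
        if port is None or not port.isdigit() or int(port) not in ports:
            continue
        verdict = classify(elem.get("address"))
        if verdict != "loopback":
            findings.append((elem.tag, int(port), elem.get("address"), verdict))
    return findings

if __name__ == "__main__":
    for tag, port, address, verdict in audit_connectors(SAMPLE_CONFIG):
        print(f"{tag} port {port} address={address!r}: {verdict}")
```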

