> IMHO this is a case of the Tomcat team being restricted by the
> deficiencies of Java
Tomcat and Java work just fine. There are plenty of ways to NOT run it as
root. Ralph and Cees gave you at least three, one of which you could do
trvially within 30 seconds.
> When started my tomcat server and found out it could use privileged ports
Obviously, you didn't use any of them. And you also given WebApps free
reign over your entire system.
> There should be a huge disclaimer about this on the Tomcat Web
> page stating that people use privileged ports at their own risk
This is a linux admin issue. If there should be a disclaimer, it ought to
be on the linux install or root login.
> This is a nasty pitfall.
Access to ports < 1024 and minimizing root services is a well-understood
issue for anyone who ought to be using a *nix system, having nothing to do
with any specific server application.
--- Noel
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
