Hello Oded
A conventional, simple, and accepted secure solution to the problem
of running tomcat as root is to
daemon su -c /home/tomcat/tcstart.sh tomcat
from root which transfers tomcat to run under process ownership
of user tomcat. Of course, you must create a user "tomcat", and
of course, this user could be given any arbitrary name.
An excellent article and cookbook method for setting this up
is provided at
http://www-128.ibm.com/developerworks/java/library/l-secjav.html
("Securing Linux for Java Services", D. M. Sosnoski)
which is an extensive explanation of setting up iptables to route
port 80 correctly to tomcat, and which provides two small but very
effective shell scripts (the first of which is started by root and
which includes the important "daemon su..." line above):
Listing 3. Tomcat service definition
and
Listing 4. Sample tcstart.sh
In addition, there is information included also about "chroot jail",
as the author says "for the truly paranoid".
Maurice Yarrow
Oded Arbel wrote:
The most important reason that I use an Apache frontend for tomcat,
which is probably not relevant to the original poster, is that under
Unix only root processes can open port 80 (the default HTTP port), and
so if tomcat is configured to serve pages on port 80, it must run as
root.
This is a serious security concern. Apache knows how to open port 80 and
then change to a non-privileged user, something which AFAIK tomcat -
being based on Java which does not support the concept of operating
system privileges - cannot do.
There for, some kind of frontend is required. While we are in the
process of providing a frontend, it might as well be Apache which
offers additional features: reverse-proxying and caching and support
for a huge number of scripting languages (python, perl or ruby
anyone ?) and other modules.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
