Aside from packet-mangling the port numbers between the interface(s) and Tomcat's sockets, there are two other ways to use "privileged" ports but not run Tomcat with special privilege:
1. Run behind something like Apache HTTPD, which already does the
privilege separation for you. This is a heavyweight approach,
probably too heavy if you don't have any other reason to run
HTTPD. (Reasons would include already having HTTPD for other
purposes, or needing some esoteric module whose function hasn't made
its way into Tomcat yet.)
2. Commons Daemon, also known as 'jsvc'. This is what most people
will recommend. They never say how it works, though, so I
investigated a little, and now I think I'm ready to believe in it.
jsvc is a native program which, after daemonizing itself, will
start up a JVM, have it load a given class, and invoke several
methods of that class.
jsvc will bring up a daemon in two stages. In the first stage it
runs as the invoker's UID (e.g. root) and calls a method in a
given class to set up privileged stuff like low-numbered ports.
Then it changes to a given UID and calls another method to
actually run the daemon's service. This is a rather clever way of
leveraging Java's classloading features to achieve the same effect
as familiar privilege-dropping, without forking and with isolation
of the platform-specific code in a single executable. Anyway,
recent Tomcat exposes the necessary methods to be run by jsvc.
I don't use jsvc yet, but I want to experiment a bit and eventually
submit patches to Gentoo to replace the current complicated rigmarole
in their Tomcat startup script with something simpler built around
jsvc.
--
Mark H. Wood, Lead System Programmer [EMAIL PROTECTED]
Typically when a software vendor says that a product is "intuitive" he
means the exact opposite.
pgpqvfZdn0IFL.pgp
Description: PGP signature
