"Markus Schönhaber" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Zemian Deng wrote: > >> When setting up tomcat during boot startup on a linux/unix, is there more >> advantage using jsrv that comes with Tomcat as describe here: >> http://tomcat.apache.org/tomcat-6.0-doc/setup.html >> >> VS >> >> Just a plain shell script that calls catalina.sh ? > > With jsvc Tomcat is able to bind to privileged ports (for example 80, > 443) and drop root privileges right afterwards. > If you just use the shell scripts, you'd have to run Tomcat as root if > you'd want it to bind to privileged ports[1]. >
There is one other (usually small) advantage to jsvc. With jsvc, the shutdown port isn't used, so only root can shutdown/restart Tomcat. With the scripts, anyone with physical access to the machine can shutdown Tomcat. > Regards > mks > > [1] OTOH, making Tomcat *accessible* through a privileged port doesn't > necessarily mean that Tomcat has to *bind* to this port. Another > possibility to achieve this is, for example, to use netfilter or > something to redirect traffic from a privileged port to the > non-privileged port that Tomcat listens on. > > --------------------------------------------------------------------- > To start a new topic, e-mail: users@tomcat.apache.org > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
