> From: Darryl Lewis [mailto:[email protected]] > Subject: Re: running tomcat6 under a different user than root (debian)
> That's why we encrypt passwords in unix, or haven't you > looked at etc/passwd lately? No, we encrypt them in Linux because the (very outmoded) /etc/passwd file is readable by anyone. Your critical server files should not have 644 on them, and any Java-based app servers you're running should have a security manager enabled if you can't trust your webapps. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
