On 08/03/2011 10:11 PM, Jorge Medina wrote:
I run Tomcat in a Solaris 10 SPARC machine using jsvc through a init script.
jsvc is started by root, but I specify the "-user" option to change to
the "application" user.
I use the option "-outfile" and "-errfile" to specify where to direct
stdout and stderr, "catalina.out" and "catalina.err" in my
environment.
jsvc redirects stdout/stderr before setuid (changing to -user)
thus the files are created by superuser.
Actually that's the desired behavior; You have files writtable
by -user during the application life-time but created and
readable by root.
If you need lower security, don't use the commons daemon.
Regards
--
^TM
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org