WebApp Sec mailing list archives
Re: Tomcat on port 80 or Java as root
From: Rajkumar S <listuser () myrealbox com>
Date: Fri, 12 Mar 2004 21:17:36 +0530
Marc Deglos wrote:
The question seems to be:"What are the implications of allowing web traffic to connect directly to Tomcat, instead of through apache?"
Yes, and unlike apache tomcat cannot drop root privilages, so running as root user also is implied.
raj
Current thread:
- Tomcat on port 80 or Java as root Rajkumar S (Mar 11)
- RE: Tomcat on port 80 or Java as root Harshul Nayak (Mar 12)
- Re: Tomcat on port 80 or Java as root Rajkumar S (Mar 13)
- Re: Tomcat on port 80 or Java as root Aleksi Kallio (Mar 13)
- Re: Tomcat on port 80 or Java as root Dave Ockwell-Jenner (Mar 13)
- Re: Tomcat on port 80 or Java as root David Wall @ Yozons, Inc. (Mar 13)
- Re: Tomcat on port 80 or Java as root George Georgalis (Mar 13)
- RE: Tomcat on port 80 or Java as root urgoez (Mar 13)
- <Possible follow-ups>
- Re: Tomcat on port 80 or Java as root Daniel (Mar 12)
- RE: Tomcat on port 80 or Java as root Marc Deglos (Mar 12)
- Re: Tomcat on port 80 or Java as root Rajkumar S (Mar 13)
- Re: Tomcat on port 80 or Java as root Grega Bremec (Mar 14)
- RE: Tomcat on port 80 or Java as root Martin Gil (Mar 13)
- Re: Tomcat on port 80 or Java as root d31ik47 (Mar 13)
- Re: Tomcat on port 80 or Java as root Daniel (Mar 13)
- Re: Tomcat on port 80 or Java as root Daniel (Mar 13)
- RE: Tomcat on port 80 or Java as root Harshul Nayak (Mar 12)