WebApp Sec mailing list archives
Re: Tomcat on port 80 or Java as root
From: Dave Ockwell-Jenner <doj () solar-nexus com>
Date: Fri, 12 Mar 2004 10:46:12 -0500
Rajkumar S wrote:
Hi,What are the implications of running tomcat as root(ie to run tomcat on port 80) Is java secure enough to run as root, or should I run some thing like apache in front ?How about having Tux as a front end? Is it advisable from a security point of view?
I haven't seen much in the way of a Tomcat deployment directly on port 80 and facing the outside world. It's possible, but I'm not sure the Tomcat HTTP server receives the same level of security attention as (say) the Apache HTTP server.
It's usual to see one of two configurations - either running Apache with a "connector" (such as mod_jk, mod_webapp, etc.) that connects directly to Tomcat. In more hetrogenous environments (where there are a variety of app. servers), it's quite common to see Apache configured as a reverse proxy (using mod_proxy) to proxy requests to the Tomcat app. server.
Unfortunately I don't have much data on the relative security of one approach vs. another. However, I would recommend NOT using Tomcat directly.
-- Dave Ockwell-Jenner Solar Nexus Solutions http://www.solar-nexus.com/
Current thread:
- Tomcat on port 80 or Java as root Rajkumar S (Mar 11)
- RE: Tomcat on port 80 or Java as root Harshul Nayak (Mar 12)
- Re: Tomcat on port 80 or Java as root Rajkumar S (Mar 13)
- Re: Tomcat on port 80 or Java as root Aleksi Kallio (Mar 13)
- Re: Tomcat on port 80 or Java as root Dave Ockwell-Jenner (Mar 13)
- Re: Tomcat on port 80 or Java as root David Wall @ Yozons, Inc. (Mar 13)
- Re: Tomcat on port 80 or Java as root George Georgalis (Mar 13)
- RE: Tomcat on port 80 or Java as root urgoez (Mar 13)
- <Possible follow-ups>
- Re: Tomcat on port 80 or Java as root Daniel (Mar 12)
- RE: Tomcat on port 80 or Java as root Marc Deglos (Mar 12)
- Re: Tomcat on port 80 or Java as root Rajkumar S (Mar 13)
- Re: Tomcat on port 80 or Java as root Grega Bremec (Mar 14)
- RE: Tomcat on port 80 or Java as root Martin Gil (Mar 13)
- Re: Tomcat on port 80 or Java as root d31ik47 (Mar 13)
- Re: Tomcat on port 80 or Java as root Daniel (Mar 13)
(Thread continues...)
- RE: Tomcat on port 80 or Java as root Harshul Nayak (Mar 12)