WebApp Sec mailing list archives
Re: Tomcat on port 80 or Java as root
From: Rajkumar S <listuser () myrealbox com>
Date: Fri, 12 Mar 2004 20:24:48 +0530
Harshul Nayak wrote:
AFAIK tomcat is a servlet container running on apache.
Tomcat can also listen to port 80 and serve pages with out apache. From the responses I get a feeling not much reserch has not gone into tomcat web server. I know running any thing as root is bad, but beyond that I am looking for some sort of analysis of Tomcat Security.
Same is the case with tux. As it is running inside kernel (some what similar to IIS, I believe) the risks are more, but even after quite a bit of searching I could not find any security analysis of Tux.
raj
Current thread:
- Tomcat on port 80 or Java as root Rajkumar S (Mar 11)
- RE: Tomcat on port 80 or Java as root Harshul Nayak (Mar 12)
- Re: Tomcat on port 80 or Java as root Rajkumar S (Mar 13)
- Re: Tomcat on port 80 or Java as root Aleksi Kallio (Mar 13)
- Re: Tomcat on port 80 or Java as root Dave Ockwell-Jenner (Mar 13)
- Re: Tomcat on port 80 or Java as root David Wall @ Yozons, Inc. (Mar 13)
- Re: Tomcat on port 80 or Java as root George Georgalis (Mar 13)
- RE: Tomcat on port 80 or Java as root urgoez (Mar 13)
- <Possible follow-ups>
- Re: Tomcat on port 80 or Java as root Daniel (Mar 12)
- RE: Tomcat on port 80 or Java as root Marc Deglos (Mar 12)
- Re: Tomcat on port 80 or Java as root Rajkumar S (Mar 13)
- Re: Tomcat on port 80 or Java as root Grega Bremec (Mar 14)
- RE: Tomcat on port 80 or Java as root Martin Gil (Mar 13)
(Thread continues...)
- RE: Tomcat on port 80 or Java as root Harshul Nayak (Mar 12)