WebApp Sec mailing list archives

RE: Tomcat on port 80 or Java as root

From: "Martin Gil" <mgil () osinerg gob pe>
Date: Thu, 11 Mar 2004 11:01:31 -0500

You may use a diferent user as "www" for change it edit the httpd.conf
file.
But for run the services you must do it with root account (for use port
restrictions) and then you see the httpd process run with the "www"
account.



-----Mensaje original-----
De: Rajkumar S [mailto:listuser () myrealbox com] 
Enviado el: Jueves, 11 de Marzo de 2004 10:43 a.m.
Para: webappsec () securityfocus com
Asunto: Tomcat on port 80 or Java as root

Hi,

What are the implications of running tomcat as root(ie to run tomcat on 
port 80) Is java secure enough to run as root, or should I run some 
thing like apache in front ?

How about having Tux as a front end? Is it advisable from a security 
point of view?

with warm regards,

raj

Current thread:

Re: Tomcat on port 80 or Java as root, (continued)
- - Re: Tomcat on port 80 or Java as root Rajkumar S (Mar 13)
  - Re: Tomcat on port 80 or Java as root Aleksi Kallio (Mar 13)
- Re: Tomcat on port 80 or Java as root Dave Ockwell-Jenner (Mar 13)
- Re: Tomcat on port 80 or Java as root David Wall @ Yozons, Inc. (Mar 13)
- Re: Tomcat on port 80 or Java as root George Georgalis (Mar 13)
- RE: Tomcat on port 80 or Java as root urgoez (Mar 13)
- Re: Tomcat on port 80 or Java as root Daniel (Mar 12)
- RE: Tomcat on port 80 or Java as root Marc Deglos (Mar 12)
  - Re: Tomcat on port 80 or Java as root Rajkumar S (Mar 13)
  - Re: Tomcat on port 80 or Java as root Grega Bremec (Mar 14)
- RE: Tomcat on port 80 or Java as root Martin Gil (Mar 13)
- Re: Tomcat on port 80 or Java as root d31ik47 (Mar 13)
- Re: Tomcat on port 80 or Java as root Daniel (Mar 13)
- Re: Tomcat on port 80 or Java as root Daniel (Mar 13)