[fedora-java] su to tomcat user?
Gary Benson
gbenson at redhat.com
Tue Aug 9 12:06:02 UTC 2005
John M. Gabriele wrote:
> I noticed there's a tomcat user on my system:
>
> [root at localhost ~]# cat /etc/passwd | grep tom
> tomcat:x:91:91:Tomcat:/usr/share/tomcat5:/bin/sh
>
> I'm just getting started using Tomcat on FC4.
>
> Should I be su'ing to tomcat to work with files
> in (and copy files into) /var/lib/tomcat5?
>
> Or do I work in there as root, then chown -R
> everthing to root:tomcat when I'm done?
Neither, ideally. You should be able to work as root and leave the
files owned as root. Or as any other user: I'll often create a
directory /var/lib/tomcat5/webapps/whatever and chown it gary.gary,
and then just work in there under my normal login.
Incidentally, does anyone know why the example webapps are chgrp
tomcat? It seems to have been done in order to giving the server
write access to its webapps, but allowing the server write into
classloader directories seems to me like an open invitation for
vulnerabilities and I'd like to remove it.
Cheers,
Gary
More information about the fedora-devel-java-list
mailing list