This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Talk:Securing tomcat"

From OWASP
Jump to: navigation, search
(new section: File Permissions)
Line 1: Line 1:
 +
== File permissions ==
 +
 +
Hmm, what does "Make sure tomcat user has read/write access to /tmp" mean? 
 +
 +
Tomcat creates a directory "temp", not "tmp", and read/write on a directory doesn't actually allow reading or writing.  I assume the intention is "chmod 700 temp"... would love if anyone can clarify.
 +
[[User:Douglasheld|Douglasheld]] 18:06, 3 April 2009 (UTC)
 +
 
== Newer Tomcat branches ==
 
== Newer Tomcat branches ==
  

Revision as of 18:06, 3 April 2009

File permissions

Hmm, what does "Make sure tomcat user has read/write access to /tmp" mean?

Tomcat creates a directory "temp", not "tmp", and read/write on a directory doesn't actually allow reading or writing. I assume the intention is "chmod 700 temp"... would love if anyone can clarify. Douglasheld 18:06, 3 April 2009 (UTC)

Newer Tomcat branches

This page is hopelessly outdated for anyone working with the Tomcat 6 branch. We need to figure out the best way to document security measures for the different supported branches. Ken 10:25, 20 March 2009 (UTC)

I've not had call to use Tomcat 6, but in a few months I plan to start experimenting with the embedded version. I don't mind expanding the article to have a section on 6 (and keep the section on 5.5), but I can't contribute anything just yet. My preference would be a single article as it will cut down on duplication. In the meantime, any differences, areas to cover, new features, etc. that others could note down will help speed things up. Darren 09:11, 26 March 2009 (UTC)