Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Sun
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Sun Application Server Drop Privs

from [Stephen Hauskins] Network Security [Permanent Link]
Subject: Re: Sun Application Server Drop Privs
Date: Tue, 24 Apr 2007 08:36:45 -0700 (PDT) 


If the main issue is your webservers then what should happen
is that the initial run as root should get reassigned to
the webserver owner, i.e. nobody, web, etc.

Stephen Hauskins
Divisional Liaison
Academic Computing Group
Division of Physical and Biological Sciences

We can't solve problems by using the same kind of thinking we used
when we created them.   Albert Einstein


On Mon, 23 Apr 2007, Crist J. Clark wrote:

We're using Sun Java System Application Server 8.1. I know
the software is designed so it can be run as a non-root user,
but right now, we have to run it as root since it binds to ports
80/tcp and 443/tcp.

I've hit SunSolve, docs.sun.com, and Google, but can't seem to
find out how to get it to drop privs to a non-root user after
grabbing the low-numbered ports. Anyone know how to do this?
I'd rather (a) not have this monster run as root if it doesn't
have to and (b) not have the web app developers have to get a
sys admin to make changes as root for them whenever they want
to tweak some file.
--
Crist J. Clark                     |     cjclark@alum.mit.edu


[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Sun Application Server Drop Privs, Crist J. Clark
Next by Date:  RE: Sun Application Server Drop Privs, Tony UcedaVelez
Previous by Thread:  Sun Application Server Drop Privs, Crist J. Clark
Next by Thread:  RE: Sun Application Server Drop Privs, Tony UcedaVelez
Indexes:  [Date] [Thread] [Top] [All Lists]