Wednesday, July 28, 2010

Tomcat user

For security reasons, you should probably create a tomcat user with low privileges and run Tomcat as that user. We suggest setting that user’s login shell to /sbin/nologin and locking the user’s password so that it can’t be guessed. Also, it’s probably a good idea to make the tomcat user’s primary group the nobody group or another group with similarly low permissions. You will need to do this as the root user:

# useradd -g 46 -s /sbin/nologin -d /opt/tomcat/temp tomcat

If you do not have root access, you could run Tomcat as your login user, but beware that any security vulnerabilities (which are extremely rare) in Tomcat could be exploited remotely as your user account.
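To confirm the account ended up the way the advice above describes, the following added example (not part of the original post) checks a passwd and shadow entry for a non-root UID/GID, a nologin shell and a locked password. The function name, the sample UIDs and the sample hash are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: audit a service account against the advice above.
# audit_service_account USER PASSWD_FILE SHADOW_FILE
# Prints one line per finding; returns 0 only when there are none.
audit_service_account() {
    user=$1; passwd_file=$2; shadow_file=$3; findings=0

    # passwd fields: name:x:uid:gid:gecos:home:shell
    entry=$(grep "^${user}:" "$passwd_file") || {
        echo "FAIL: no passwd entry for $user"; return 1; }
    uid=$(printf '%s\n' "$entry" | cut -d: -f3)
    gid=$(printf '%s\n' "$entry" | cut -d: -f4)
    shell=$(printf '%s\n' "$entry" | cut -d: -f7)

    if [ "$uid" -eq 0 ] || [ "$gid" -eq 0 ]; then
        echo "FAIL: $user runs with root UID or GID"; findings=$((findings + 1))
    fi
    case $shell in
        */nologin) ;;
        *) echo "FAIL: login shell is '$shell'"; findings=$((findings + 1)) ;;
    esac

    # shadow field 2 is the password hash; a leading ! or * can never match
    # a typed password, and an empty field means no password is required.
    hash=$(grep "^${user}:" "$shadow_file" | cut -d: -f2) || hash=''
    case $hash in
        '!'*|'*'*) ;;
        *) echo "FAIL: password is not locked"; findings=$((findings + 1)) ;;
    esac

    [ "$findings" -eq 0 ]
}

# Constructed sample data (UIDs 91/92 and the hash are made up; GID 46 and
# the home directory come from the useradd command above).
demo=$(mktemp -d); trap 'rm -rf "$demo"' EXIT
printf '%s\n' 'tomcat:x:91:46::/opt/tomcat/temp:/sbin/nologin' \
              'tomcat2:x:92:46::/opt/tomcat/temp:/bin/bash' > "$demo/passwd"
printf '%s\n' 'tomcat:!!:14818::::::' \
              'tomcat2:$6$constructed$notarealhash:14818::::::' > "$demo/shadow"

for account in tomcat tomcat2; do
    if audit_service_account "$account" "$demo/passwd" "$demo/shadow"; then
        echo "OK: $account"
    fi
done
```

On a real host, pass /etc/passwd and /etc/shadow as the file arguments; reading /etc/shadow requires root.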
