Skip to Content.
Sympa Menu

grouper-users - RE: [grouper-users] Grouper and Tomcat5.5 on Ubuntu Hardy

Subject: Grouper Users - Open Discussion List

List archive

RE: [grouper-users] Grouper and Tomcat5.5 on Ubuntu Hardy

Chronological Thread 
  • From: Chris Hyzer <>
  • To: Martin van Es <>, "" <>
  • Subject: RE: [grouper-users] Grouper and Tomcat5.5 on Ubuntu Hardy
  • Date: Fri, 30 Jan 2009 07:52:58 -0500
  • Accept-language: en-US
  • Acceptlanguage: en-US

> Apparently Grouper 1.4.0 is not compatible with Ubuntu Hardy's default
> security implementation (catalina.policy), so my questions are: Is it
> (very)
> bad to run tomcat without security manager? And if so: what policy
> might be
> breaking Grouper?

We have discussed this before:

Grouper needs to write the filesystem, so you can allow that specific policy
if you like.

Either way, run your tomcat not as root, and make sure the user it runs as
has minimal rights (general security rule).

I personally don't feel like it is a bad idea to run without the security
manager [I don't use the security manager] (to minimize the time spent in
tracking down legitimate uses), especially if you trust the webapp running in
tomcat (and tomcat itself), and I happen to trust the webapp (Grouper), but
its up to you. :)


Archive powered by MHonArc 2.6.16.

Top of Page