grouper-users - RE: [grouper-users] Grouper and Tomcat5.5 on Ubuntu Hardy
Subject: Grouper Users - Open Discussion List
List archive
- From: Chris Hyzer <>
- To: Martin van Es <>, "" <>
- Subject: RE: [grouper-users] Grouper and Tomcat5.5 on Ubuntu Hardy
- Date: Fri, 30 Jan 2009 07:52:58 -0500
- Accept-language: en-US
- Acceptlanguage: en-US
> Apparently Grouper 1.4.0 is not compatible with Ubuntu Hardy's default
> security implementation (catalina.policy), so my questions are: Is it
> (very)
> bad to run tomcat without security manager? And if so: what policy
> might be
> breaking Grouper?
We have discussed this before:
https://mail.internet2.edu/wws/arc/grouper-users/2008-10/msg00060.html
Grouper needs to write the filesystem, so you can allow that specific policy
if you like.
Either way, run your tomcat not as root, and make sure the user it runs as
has minimal rights (general security rule).
I personally don't feel like it is a bad idea to run without the security
manager [I don't use the security manager] (to minimize the time spent in
tracking down legitimate uses), especially if you trust the webapp running in
tomcat (and tomcat itself), and I happen to trust the webapp (Grouper), but
its up to you. :)
Regards,
Chris
- Grouper and Tomcat5.5 on Ubuntu Hardy, Martin van Es, 01/30/2009
- RE: [grouper-users] Grouper and Tomcat5.5 on Ubuntu Hardy, Chris Hyzer, 01/30/2009
Archive powered by MHonArc 2.6.16.