Summary: | Tomcat 4.1.24-r1 sets wrong permissions on /etc/conf.d/tomcat | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Per Cederberg <per> |
Component: | Current packages | Assignee: | Java team <java> |
Status: | RESOLVED FIXED | ||
Severity: | minor | ||
Priority: | High | ||
Version: | 1.4_rc2 | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Per Cederberg
2003-06-01 03:32:24 UTC
Same here... If it's a security issue, why not use the tomcat user as owner of the file. The same comments apply to /opt/tomcat/logs. Bug 24371 is related. I noticed the same permissions problem with the file /etc/conf.d/tomcat Since it is often useful and sometimes necessary to have several Tomcat instances running it might be a good idea to 'chgrp tomcat /etc/conf.d/tomcat' then root can add users who will be running a tomcat instance to the tomcat group. However, I'm not sure this file would even be referenced if a normal user started tomcat via '/opt/tomcat/bin/cataline.sh start/stop/run' but I think the ebuild should chgrp the file in any case. Moving this again to java@gentoo.org, so everyone out there can help. Fixed in 4.1.29 and 5.0.18 |