Groups | Search | Server Info | Keyboard shortcuts | Login | Register

Groups > comp.lang.java.programmer > #4327

Re: File uploaded under 'nobody' uid on linux

From Lew <noone@lewscanon.com>
Newsgroups comp.lang.java.programmer
Subject Re: File uploaded under 'nobody' uid on linux
Date 2011-05-19 22:10 -0400
Organization albasani.net
Message-ID <ir4iih$fos$1@news.albasani.net> (permalink)
References <4b17d468-3056-4dc2-b1bb-5124ec077589@v10g2000yqn.googlegroups.com> <ir2p4n$kf4$2@lust.ihug.co.nz> <ir34lt$eqj$1@news.albasani.net> <nospam-9D2A2B.20511619052011@news.aioe.org>

Show all headers | View raw

John B. Matthews wrote:
> Lew wrote:
>> Lawrence D'Oliveiro wrote:
>>> ruds wrote:
>>>> Now, please tell me what should I do so that whenever files are
>>>> uploaded they are stored with the user's name where all code and
>>>> other files are stored.
>>>
>>> On way is to activate this mechanism
>>> <http://httpd.apache.org/docs/current/suexec.html>.

>> The OP has not stated that he's using httpd.

> Lew: This point is well taken, but the article _does_ outline the
> (myriad) security issues that ruds should consider.
>
> ruds: If you don't use httpd/suEXEC, you're likely going to have to
> create something similar.

I use Tomcat a lot.  I always run it as a non-privileged user, with the 
installation directory tree under that same user's ownership.  This "nobody" 
issue has never arisen under that configuration for me.

I also run it as a multi-instance installation
<http://tomcat.apache.org/tomcat-6.0-doc/introduction.html>
<http://tomcat.apache.org/tomcat-7.0-doc/introduction.html>
"Optionally, Tomcat may be configured for multiple instances by defining 
$CATALINA_BASE for each instance."

One useful approach is to set CATALINA_BASE to $HOME/.tomcat or similar 
directory within the home directory of each designated Tomcat user.

See the section "Advanced Configuration - Multiple Tomcat Instances" in the 
$CATALINA_HOME/RUNNING.txt file.

-- 
Lew
Honi soit qui mal y pense.
http://upload.wikimedia.org/wikipedia/commons/c/cf/Friz.jpg

Back to comp.lang.java.programmer | Previous | NextPrevious in thread | Next in thread | Find similar

Thread

File uploaded under 'nobody' uid on linux ruds <rudranee@gmail.com> - 2011-05-18 01:12 -0700
  Re: File uploaded under 'nobody' uid on linux Lew <noone@lewscanon.com> - 2011-05-18 13:17 -0400
    Re: File uploaded under 'nobody' uid on linux Lew <noone@lewscanon.com> - 2011-05-18 13:17 -0400
      Re: File uploaded under 'nobody' uid on linux ruds <rudranee@gmail.com> - 2011-05-18 21:53 -0700
        Re: File uploaded under 'nobody' uid on linux Nigel Wade <nmw-news@ion.le.ac.uk> - 2011-05-19 10:09 +0100
  Re: File uploaded under 'nobody' uid on linux Lawrence D'Oliveiro <ldo@geek-central.gen.new_zealand> - 2011-05-19 21:50 +1200
    Re: File uploaded under 'nobody' uid on linux Lew <noone@lewscanon.com> - 2011-05-19 09:07 -0400
      Re: File uploaded under 'nobody' uid on linux "John B. Matthews" <nospam@nospam.invalid> - 2011-05-19 20:51 -0400
        Re: File uploaded under 'nobody' uid on linux Lew <noone@lewscanon.com> - 2011-05-19 22:10 -0400
          Re: File uploaded under 'nobody' uid on linux "John B. Matthews" <nospam@nospam.invalid> - 2011-05-20 00:16 -0400
          Re: File uploaded under 'nobody' uid on linux ruds <rudranee@gmail.com> - 2011-05-24 01:15 -0700
            Re: File uploaded under 'nobody' uid on linux Lew <noone@lewscanon.com> - 2011-05-24 08:08 -0400
              Re: File uploaded under 'nobody' uid on linux "John B. Matthews" <nospam@nospam.invalid> - 2011-05-24 17:42 -0400

csiph-web