Path: csiph.com!x330-a1.tempe.blueboxinc.net!usenet.pasdenom.info!goblin1!goblin.stu.neva.ru!news2.euro.net!feeder.news-service.com!94.75.214.39.MISMATCH!aioe.org!.POSTED!not-for-mail From: "John B. Matthews" Newsgroups: comp.lang.java.programmer Subject: Re: File uploaded under 'nobody' uid on linux Date: Tue, 24 May 2011 17:42:52 -0400 Organization: The Wasteland Lines: 34 Message-ID: References: <4b17d468-3056-4dc2-b1bb-5124ec077589@v10g2000yqn.googlegroups.com> <14bf3bb1-dd67-4157-a8a2-ffbe1fad1559@e26g2000vbz.googlegroups.com> NNTP-Posting-Host: LQJtZWzu+iKlBROuDg+IUg.user.speranza.aioe.org Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Complaints-To: abuse@aioe.org User-Agent: MT-NewsWatcher/3.5.3b3 (Intel Mac OS X) X-Notice: Filtered by postfilter v. 0.8.2 Xref: x330-a1.tempe.blueboxinc.net comp.lang.java.programmer:4549 In article , Lew wrote: > ruds wrote: > > Tomcat is being run under root user. But my file location are in > > another users home and it is in root group. So, I cannot use suExec > > as it does not allow root goup users to run the program. I'm still > > not able to understand how does files get uploaded under nobody'd > > uid? > > > > Please help. > > It has already been suggested that you not run Tomcat under root > user. It has been proffered that that is possibly why it's using > "nobody" as the user. Did you try that solution? > > To refresh your memory: > > ruds wrote: > >> So isn't Tomcat running under root? > > Nigel Wade wrote: > > That would be exceedingly dangerous. Maybe Tomcat has changed its > > effective UID to "nobody" to avoid those dangers. > > Let us know how that works for you, something you have not done so far. ruds: It would also help to clarify the goal as it relates to security, e.g. one user v. many, known user(s) v. unknown, etc. -- John B. Matthews trashgod at gmail dot com