The Artima Developer Community
Articles | News | Weblogs | Books | Forums
Artima Forums | Articles | Weblogs | Java Answers | News
Sponsored Link

Java Buzz Forum
Securing Pebble #2 : Don't run your server as root

0 replies on 1 page.

Welcome Guest
  Sign In

Go back to the topic listing  Back to Topic List Click to reply to this topic  Reply to this Topic Click to search messages in this forum  Search Forum Click for a threaded view of the topic  Threaded View   
Previous Topic   Next Topic
Flat View: This topic has 0 replies on 1 page
Simon Brown

Posts: 636
Nickname: simonbrown
Registered: Jun, 2003

Simon Brown is a Java developer, architect and author.
Securing Pebble #2 : Don't run your server as root Posted: Sep 2, 2004 4:08 AM
Reply to this message Reply

This post originated from an RSS feed registered with Java Buzz by Simon Brown.
Original Post: Securing Pebble #2 : Don't run your server as root
Feed Title: Simon Brown's weblog
Feed URL: http://www.simongbrown.com/blog/feed.xml?flavor=rss20&category=java
Feed Description: My thoughts on Java, software development and technology. 		Latest Java Buzz Posts
Latest Java Buzz Posts by Simon Brown
Latest Posts From Simon Brown's weblog

Advertisement

This is another often-overlooked point, but don't run your production app/web server as root. Should somebody manage to hack in (by uploading a JSP or otherwise executing some code on the server), that code will have access to everything root does. Run your server as an unprivileged user and don't forget to lock down the files they need to read/write.

Read: Securing Pebble #2 : Don't run your server as root

Topic: Too Much IDEA... Previous Topic   Next Topic Topic: [Aug 24, 2004 16:00 PDT] 3 Links
Sponsored Links


Google
  Web Artima.com   

Copyright © 1996-2019 Artima, Inc. All Rights Reserved. - Privacy Policy - Terms of Use