Preview

Tomcat

Good Essays
Open Document
Open Document
637 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
Tomcat
QY. Tomcat Technical Specification
© Copyright IBM Corporation, 2006, 2007 - All Rights Reserved
Version 4.3u – May 28, 2007

Version - Release Levels: Tomcat Version 4.x (from Apache) and higher
QY.1 System Setup
QY.1.1 Initial System Setup
QY.1.1.1 System Settings
Not applicable
QY.1.1.2 Network Settings
Not applicable
QY.1.2 System Controls
QY.1.2.1 Logging
Not applicable
QY.1.2.2 Identify and Authenticate Users
System Value/ Parameter
Description
Recommended Setting

Proposed to Setting
Reference
Tomcat id
An operating system ID having full system or security administration authority for the OSR of the Tomcat installation.

This is also the OS id that the Tomcat application will run as.
Must not be a personal user id
Must not have system privileged such as root/ administrator
Must not have system privileges beyond what the deployed application requires to run
A new group (Tomcat group) may be created which the Tomcat id is a member of

As recommended
2.1.1
Tomcat administrator
A web ID having access to the Tomcat configuration via the Tomcat web administration tool. This user id is not an OS id and is defined in the tomcat-users.xml file.
Must not be a personal user id.

Password must be changed directly after the installation.

As recommended
2.1.1
QY.1.2.3 Protecting Resources –OSRs
System Value/ Parameter
Recommended Setting

Proposed to Setting
Reference
Logs
No read access for general users

As recommended
2.2.4
$TOMCAT_HOME

The directory where the Tomcat is installed
The $TOMCAT_HOME and everything under it must be owned by the Tomcat id. The Tomcat group may have read access to it.

As recommended

$TOMCAT_HOME/conf/*
The files in this directory must be exclusively accessible only for Tomcat id. The Tomcat group must not have access to this directory.

As recommended

Sample Application
Must not be deployed or must be disabled

As recommended

QY.1.2.4 Protecting Resources - User Resources
System Value/Parameter
Recommended Setting

Proposed to

You May Also Find These Documents Helpful

  • Good Essays

    Java

    • 5076 Words
    • 21 Pages

    Explanation: B) Programs are classified as software to differentiate them from the mechanisms of the computer (hardware). Storage and the processor are two forms of hardware while input is the information that the program processes.…

    • 5076 Words
    • 21 Pages
    Good Essays
  • Good Essays

    Nt1330 Unit 1 Study Guide

    • 508 Words
    • 3 Pages

    * Access control: Access to the password file is limited to one or a very few…

    • 508 Words
    • 3 Pages
    Good Essays
  • Powerful Essays

    NT2670 Midtern Questions

    • 842 Words
    • 3 Pages

    A complete installation of an operating system that runs in a software environment emulating a physical computer.…

    • 842 Words
    • 3 Pages
    Powerful Essays
  • Satisfactory Essays

    Web Browser

    • 463 Words
    • 2 Pages

    Browser detection – detect which version of browser user is using to adjust viewing settings…

    • 463 Words
    • 2 Pages
    Satisfactory Essays
  • Powerful Essays

    Tomcat In Love

    • 1466 Words
    • 6 Pages

    “The goal, I suppose, any fiction writer has, no matter what your subject, is to hit the human heart and the tear ducts and the nape of the neck and to make a person feel something about the characters are going through and to experience the moral paradoxes and struggles of being human”(Tim O’Brien).…

    • 1466 Words
    • 6 Pages
    Powerful Essays
  • Best Essays

    Unix/Linux

    • 2760 Words
    • 12 Pages

    Windows, a much younger operating system, released in 1985, has exponentially grown in popularity ever since. Windows popularity is the biggest reason that it suffers malicious attacks more than any other operating system available. The numerous attacks…

    • 2760 Words
    • 12 Pages
    Best Essays
  • Powerful Essays

    CSEC 630 Final Exam

    • 1055 Words
    • 4 Pages

    Includes descriptions of security groups and their relationship to one another. This section maps group policies to security groups.…

    • 1055 Words
    • 4 Pages
    Powerful Essays
  • Good Essays

    File System and Group

    • 788 Words
    • 4 Pages

    Before going to discuss the file permission, let’s discuss the user account types in the UNIX. There are three types of user accounts on a UNIX system that are root account, system account and normal user account.…

    • 788 Words
    • 4 Pages
    Good Essays
  • Satisfactory Essays

    Groups will form in the first class session and provide a copy of the members to me (I will provide the form). There…

    • 1577 Words
    • 8 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Unit 3 Assessment

    • 321 Words
    • 3 Pages

    groups that suited the requirements in the scenario. Finally, you applied those security groups to the folder…

    • 321 Words
    • 3 Pages
    Satisfactory Essays
  • Better Essays

    What is groupthink? There is a simple definition for it, but is it truly that simple? The term groupthink refers to the inclination of group members to have the same opinions and beliefs; it frequently leads to mistakes. It often occurs without an individual being aware of it. Conflict is considered to be a harmful element when related to groups, but conflict is good when considering groupthink because it helps to eliminate the existence of a groupthink. The explanation sounds simple enough, but it is more complex than the description given.…

    • 993 Words
    • 4 Pages
    Better Essays
  • Good Essays

    Week2 lab 1

    • 494 Words
    • 2 Pages

    The su command allows you to run commands a super user or better known as root. The is kind of like when windows ask you if you want to run this program as an administrator. Instead of it asking you are telling it you want to run the command as root.…

    • 494 Words
    • 2 Pages
    Good Essays
  • Satisfactory Essays

    Bcom 230 Dq

    • 453 Words
    • 2 Pages

    The term group think is a negative form of group decision-making event. It influences members in a group to base decision-making on bringing harmony to the group rather than making realistic decisions to bring forth issues to the table. As members of a group, we…

    • 453 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    bis345345

    • 487 Words
    • 3 Pages

    11. (TCO 1) The Create group on the Access ribbon includes all of the following EXCEPT:…

    • 487 Words
    • 3 Pages
    Good Essays
  • Better Essays

    Identification is the first of four steps of the security process. Any user that expects to gain access to a system is referred to as a supplicant, and the tool that every user who gains entry to the system is referred to as an Identifier. The identifier can have many different methods for identifying the supplicant. The…

    • 1725 Words
    • 5 Pages
    Better Essays