On 01/19/11 13:47, Mark Thomas wrote: > On 19/01/2011 18:45, bugzi...@apache.org wrote: >> https://issues.apache.org/bugzilla/show_bug.cgi?id=22405 >> >> --- Comment #5 from Mark Thomas <ma...@apache.org> 2011-01-19 13:45:40 EST >> --- >> Created an attachment (id=26519) >> --> (https://issues.apache.org/bugzilla/attachment.cgi?id=26519) >> Proposed patch for Tomcat 7 >> >> This patch adds a new listener that checks the user Tomcat is running as and >> the umask being used. > > I didn't apply this directly as it stops Tomcat from starting (not on > Windows) as root or if the umask is not at least as restrictive as 0007. > > WDYT?
I'd like that to be a warning, not a fatal error. Thinking you know all about what is right for every deployment is a bit of hubris that will not serve us well. If you're going to go down the road of saving the user from their own actions,please at least provide an override in the config file or even -Dignore-runas-error=true --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
