Author: markt
Date: Mon Feb 24 09:29:25 2014
New Revision: 1571197

URL: http://svn.apache.org/r1571197
Log:
Fix typos
Modified: tomcat/tc7.0.x/trunk/webapps/docs/security-howto.xml Modified: tomcat/tc7.0.x/trunk/webapps/docs/security-howto.xml URL: http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/security-howto.xml?rev=1571197&r1=1571196&r2=1571197&view=diff ============================================================================== --- tomcat/tc7.0.x/trunk/webapps/docs/security-howto.xml (original) +++ tomcat/tc7.0.x/trunk/webapps/docs/security-howto.xml Mon Feb 24 09:29:25 2014 @@ -55,11 +55,11 @@ the Tomcat process and provide that user with the minimum necessary permissions for the operating system. For example, it should not be possible to log on remotely using the Tomcat user.</p> - <p>File permissions should also be suitable restricted. Taking the Tomcat + <p>File permissions should also be suitably restricted. Taking the Tomcat instances at the ASF as an example (where auto-deployment is disabled and web applications are deployed as exploded directories), the standard configuration is to have all Tomcat files owned by root with group Tomcat - and whilst owner has read/write priviliges, group only has read and world + and whilst owner has read/write privileges, group only has read and world has no permissions. The exceptions are the logs, temp and work directory that are owned by the Tomcat user rather than root. This means that even if an attacker compromises the Tomcat process, they can't change the --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
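Review bot: The unchanged context line "The exceptions are the logs, temp and work directory that are owned by the Tomcat user" still has a number mismatch, and since this commit is a typo pass over the same paragraph, "directory" should become "directories" here as well. Separately, the paragraph describes the permissions only as owner read/write, group read and world none, which fits regular files; a follow-up could state that directories also need the execute bit for owner and group so that members of the Tomcat group can traverse them.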