Login or Register to Ask a Question and Join Our Community


UNIX for Dummies Questions & Answers

Exposure to run JVM under root?

 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers Exposure to run JVM under root?
# 1  
Old 06-14-2011
Exposure to run JVM under root?
We noticed that a JMS application running on a WebSphere application Server (not inside the J2EE container) is trying to access some resources using the UserId root. We checked with the developers, they said they did not specify any userId and it may be WAS is assigning the userId running the JVM to the JMS application. They said that the JVM is started with root userId. Does this sounfd like an security exposure? If the JMS application is running as root, does it mean that they can add code to the program to do something else they needs root authority ? Should we stop them from starting a JVM under root ?
# 2  
Old 06-14-2011
Make a user for your WAS.
It's good practice and highly manageable, also secure.
Consult your documentation how to setup, it should also be user based, and not root.

You can run it, it will work, but i would advise against it, since it can cause various problems (exploit code running under root user can actually do alot of damage, NFS 'issues' etc.)
# 3  
Old 06-14-2011
Thanks for the reply. Will take your advice. I just want to make sure that I am not over reacting.
 
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Red Hat

Can't run mkdir even as root please help

I cannot mkdir as root please see below # mkdir /home/vm1/Desktop/nfs mkdir: cannot create directory `/home/vm1/Desktop/nfs': Permission deniedso i checked the selinux context below and got # ls -Z /home/vm1 drwxrwxrwx. root root system_u:object_r:autofs_t:s0 Desktop drwxr-xr-x. vm1 ... (10 Replies)
Discussion started by: nokia3310
10 Replies

2. Shell Programming and Scripting

Need to run a bash script that logs on as a non-root user and runs script as root

So I have a script that runs as a non-root user, lets say the username is 'xymon' . This script needs to log on to a remote system as a non-root user also and call up a bash script that runs another bash script as root. in short: user xymon on system A needs to run a file as root user and have... (2 Replies)
Discussion started by: damang111
2 Replies

3. Cybersecurity

Run chage as not root ?

Hello, Running Debian lenny. Is there any way to run $ chage --expiredate some_date user1 chage: Permission denied. as not root user inside script ? I really need to do this, I could grant whatever group membership to running user, setuid bit or whatever is needed ? (I do not want to do... (4 Replies)
Discussion started by: vilius
4 Replies

4. Shell Programming and Scripting

How to run Route in bash without as root

Hi friends, I will make a bash script for excecuted a route (My OS is Ubuntu 10.04) this is my script (with name mine.sh) #!/bin/bash route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.1.1 if I run this bash as root, i can run it.. root@venom-desktop:/home/venom#sh... (2 Replies)
Discussion started by: venom
2 Replies

5. UNIX for Dummies Questions & Answers

How to allow access to some commands having root privleges to be run bu non root user

hi i am new to unix and i have abig task. i have to \run particular commands having root privileges from a non root user. i know sudo is one of the way but i need sum other approach kindly help Thanks (5 Replies)
Discussion started by: suryashikha
5 Replies

6. Shell Programming and Scripting

how to run a command as root

Hi, i need to run a command as root.Whoever executes the command ,i will check for a particular role if that is satisfied i have to make it to run as root. Please help me to carry out this. Thanks Padmini (1 Reply)
Discussion started by: padmisri
1 Replies

7. AIX

Crontab cannot run by non-root user

Good morning everybody. I have just receiedv a complaint from our DBA saying that if he create a scripts to run some Oracle performance scripts using crontab and the scheduling part is ok but the job is failed when I checked on /var/adm/cron/log. I have tried his scripts using Oracle id directly... (4 Replies)
Discussion started by: kwliew999
4 Replies

8. Shell Programming and Scripting

Make program only run by root

Hi all, i hope i got this in the right place, what i am trying to do is make a program only run by root, ie for instance user fred is logged in and uses firefox, what id like to do is change that so that when fred wants to use firefox he will be asked to enter root password before he is allowed to... (14 Replies)
Discussion started by: dave123
14 Replies

9. Filesystems, Disks and Memory

RUN OUT SPACE (Root)

Dear Buddies, Plz Help me out ,,,,,, the Unix Servers i m working on ,,,Somes times run out of space in root ,,,due the generation of a file named STA ....which causes the system to crash ,,,,, plz hlp me !!!!!!!!!!!!!!!!!!!!!! how to find out the file ....generation causes ...... ... (6 Replies)
Discussion started by: scorpiyanz
6 Replies

10. UNIX for Dummies Questions & Answers

Run non-root script as root with non-root environment

All, I want to run a non-root script as the root user with non-root environment variables with crontab. The non-root user would have environment variables for database access such as Oracle or Sybase. The root user does not have the Oracle or Sybase enviroment variables. I thought you could do... (2 Replies)
Discussion started by: bubba112557
2 Replies
Login or Register to Ask a Question