Security is the most important aspect of your job as an administrator; a server that’s compromised can’t serve any content and could possibly lead to loss of commercial secrets, financial details, or dignity. Securing a server includes many aspects, such as securing the file system, securing the databases, and securing the Tomcat server.
You can think of security as several layers, each of which is as important as the other. If your Tomcat server does somehow become compromised, you want to be sure that the file system, and all the information stored on it, isn’t compromised along with Tomcat.
This chapter will deal with Windows file system issues to start and then cover Unix file system issues. Once you’ve learned about these specifics, you’ll learn about general Tomcat security issues equally applicable to both operating systems.