Securing your Tomcat installation on Windows 2003
We recommend that you do not run the Apache Tomcat Service on Windows as an administrator. You should create a new user with standard user privileges and add that as the user account for the Tomcat service to run as.
In order to make this work, you will need to ensure that your new Tomcat user has Modify permissions to the Tomcat install folder and the Java install folder. You will then need to ensure that it has Read permissions to the webroots of the applications in question.
NB: Never give any service account Full control over any folders. If in doubt, always use Modify rather than Full.
Tags:windows windows 2003