tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Henri Gomez <>
Subject RE: Outstanding bugs before 3.2 final?
Date Thu, 21 Sep 2000 19:25:21 GMT
> > Specifically, they should be ON BY DEFAULT, and we should add a
> > <suppress-stack-traces/> option to server.xml somewhere (not sure
> > where -- another delay while we figure this out).

Apache rules are to avoid security flaws by default.
But settings tomcat properties (usestacktrace) in server.xml 
(or properties in commandline) could be better.

In developpement you set the usestracktrace flag and remove it
in production.

+1 for security
-1 for complete removal of the feature
++1 for flag

Unix is like a tipi -- no Gates, no Windows, and an Apache inside.

View raw message