Return-Path:
Mailing-List: contact tomcat-dev-help@jakarta.apache.org; run by ezmlm
Delivered-To: mailing list tomcat-dev@jakarta.apache.org
Received: (qmail 8567 invoked from network); 21 Sep 2000 19:13:28 -0000
Received: from artemis.imaginet.fr (HELO mx2.imaginet.fr) (195.68.75.24) by locus.apache.org with SMTP; 21 Sep 2000 19:13:28 -0000
Received: from css5.cs (www2.slib.fr [195.68.49.130]) by mx2.imaginet.fr (8.9.3/8.8.8) with SMTP id VAA20719 for ; Thu, 21 Sep 2000 21:11:44 +0200 (MET DST)
Received: from css4.cs (css4.cs [172.31.1.8]) by css5.cs (8.9.3/8.9.3) with ESMTP id VAA23044 for ; Thu, 21 Sep 2000 21:13:37 +0200
Received: from hgo1.cs ([172.31.1.151]) by css4.cs with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2650.21) id RMZZPR5V; Thu, 21 Sep 2000 21:11:59 +0200
Received: (from nobody@localhost) by hgo1.cs (8.9.3/8.9.3) id VAA31144 for tomcat-dev@jakarta.apache.org; Thu, 21 Sep 2000 21:25:21 +0200
X-Authentication-Warning: hgo1.cs: nobody set sender to hgomez@slib.fr using -f
To: tomcat-dev@jakarta.apache.org
Subject: RE: Outstanding bugs before 3.2 final?
Message-ID: <969564321.39ca60a13be37@hgo1.cs>
Date: Thu, 21 Sep 2000 21:25:21 +0200 (CEST)
From: Henri Gomez
References: <415081ABE0F8D31199BD00508BC22966078F8C@EXC01>
In-Reply-To: <415081ABE0F8D31199BD00508BC22966078F8C@EXC01>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
User-Agent: IMP/PHP IMAP webmail program 2.2.2
X-Originating-IP: 172.31.1.5
X-Spam-Rating: locus.apache.org 1.6.2 0/1000/N

> > Specifically, they should be ON BY DEFAULT, and we should add a
> > option to server.xml somewhere (not sure
> > where -- another delay while we figure this out).

Apache rules are to avoid security flaws by default. But setting tomcat properties (usestacktrace) in server.xml (or properties in commandline) could be better. In development you set the usestacktrace flag and remove it in production.

+1 for security
-1 for complete removal of the feature
++1 for flag

-
Unix is like a tipi -- no Gates, no Windows, and an Apache inside.