Return-Path: <mhixson@aventail.com>
Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm
Delivered-To: mailing list tomcat-user@jakarta.apache.org
Received: (qmail 29865 invoked from network); 1 Sep 2000 00:48:52 -0000
Received: from sigterm.aventail.com (206.253.217.145)
  by locus.apache.org with SMTP; 1 Sep 2000 00:48:52 -0000
Received: from leo.in.aventail.com (leo.in.aventail.com [192.168.1.136])
	by sigterm.aventail.com (8.10.2/8.10.2) with ESMTP id e810mrj01690
	for <tomcat-user@jakarta.apache.org>; Thu, 31 Aug 2000 17:48:53 -0700 (PDT)
Received: from chilipepper (chilipepper.in.aventail.com [192.168.0.56]) by
 leo.in.aventail.com with SMTP (Microsoft Exchange Internet Mail Service
 Version 5.5.2448.0)
	id R4LWXNM3; Thu, 31 Aug 2000 17:47:22 -0700
From: Matthew Hixson <mhixson@aventail.com>
Organization: Aventail Corporation
To: tomcat-user@jakarta.apache.org
Subject: Re: Tomcat stability issues
Date: Thu, 31 Aug 2000 17:47:46 -0700
X-Mailer: KMail [version 1.0.28]
Content-Type: text/plain
References: <MJEMKOGGPAFLHDJNLJFCCEEJCBAA.dan.kirkpatrick@xxi.com>
 <39AE696F.F1B9B5A3@bga.com>
In-Reply-To: <39AE696F.F1B9B5A3@bga.com>
MIME-Version: 1.0
Message-Id: <0008311748491D.00420@chilipepper>
Content-Transfer-Encoding: 8bit
X-Spam-Rating: locus.apache.org 1.6.2 0/1000/N

On Thu, 31 Aug 2000, you wrote:
> Dan Kirkpatrick wrote:
> > 
> > I think a primary concern with respect to security is unknown.  I don't
> > think Tomcat has been tested thoroughly for things like buffer overflow
> > errors, and what their impact might be if exploited.  This is not to say
> > that Tomcat is less secure than Apache; instead, it is simply better known.
> 
> Buffer Overflow errors?  Java doesn't do buffer overflow errors.

Clearly a valuable feature missing from Java that is available in other
languages.
  -M@

-- 
Matt Hixson
Aventail Corporation
Seattle, Washington