tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Craig Skinner <>
Subject Re: Tomcat 5 and 6 Security advise
Date Thu, 26 Jul 2007 19:18:37 GMT
On Thu, Jul 26, 2007 at 03:24:28PM +0300, Peter Stavrinides wrote:
> It makes for interesting reading, however it was written for Tomcat 4... 
> how current is it?? and nothing is mentioned about the benefits of 
> running Apache with Tomcat for securing Tomcat in a purely Java 
> environment, please read the question Craig!

Oh, so you are the one that uses the JavaOS. I was wondering who it was.

Since you are interested in security, I assume that you are using some
sort of UNIX-a-like OS, and that reference discusses chroot, user id's,
packet filtering, etc, etc. These things don't change much WRT TC
release points.

If you are using Solaris, as I guess you are since you work for thieves,
err, a financial company, then you could use zones for tomcat & apache.

I guess you missed the items in the pdf that Chuck spoon fed you.

To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message