tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Peter Crowther <>
Subject [OT] RE: redirection
Date Wed, 01 Apr 2009 15:44:45 GMT
> From: Gregor Schneider []
> See, I believe in the statement that the more components you're adding
> to an environment, the more possibilities there are for a
> security-hole. However, to believe is not to know...

It's clear that a naïve "more components => less secure" argument doesn't work in computer
security, as I think few people on this list would argue with the following: "A Tomcat server
with a dedicated firewall in front will be more secure than the same Tomcat with no dedicated
firewall in front."  Here, more components - and the assumption of fitness for purpose and
correct configuration - lead to an assumption of higher rather than lower security.

So we're then into a discussion of how well httpd + mod_security + { mod_proxy, mod_jk} would
serve for the purpose - a discussion of the *quality* of the components, rather than just
the *quantity*.  And that's why I'd love to see the hard data because, like you, I don't know

                - Peter

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message