tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: [OT] Memory Leak in Tomcat
Date Mon, 28 Feb 2011 16:02:20 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

הילה,

On 2/28/2011 5:17 AM, הילה wrote:
> How can I encrypt the password inside the xml file?

0. $file = conf/server.xml
1. Use your favorite encryption tool to encrypt the password and shove
   it into $file
2. Use that same tool in some code you hack-into Tomcat to read it
   back out.
3. Store the key to your favorite-tool encryption package in another
   file (say, s3cr3t.key)
4. $file = s3cr3t.key
5. Go to step 1.

Repeat this process until you feel like you're safe. (Hint: you are
still not safe). Scratch that: repeat this process until your boss or
your auditor feel like they are safe.

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk1rxwwACgkQ9CaO5/Lv0PCtGQCgtxVxV9+N0AvRuYw0U6mi9ki1
ikgAn1xQNqRRtSKby531xKRHizxzEFwD
=uuFd
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message