"Pier Fumagalli" <[EMAIL PROTECTED]> wrote: > "Daniel Rall" <[EMAIL PROTECTED]> wrote: > >> I hadn't been able to reach the one at 8080 from off the machine since >> Pier installed the mod_proxy ProxyPass magic for httpd (other than by >> telnetting from the box and submitting the HTTP request by hand). >> Personally, I much prefer not having to provide the port number (go >> Pier!). > > Security hole... 8080 is bound only to 127.0.0.1... Now we control who gets > into Tomcat, and the HTTP stack on Apache is _much_more_solid_...
Sorry, this might sound harsh... There's no known security hole in TC's HTTP connector, it's just security "consciousness".... Or whatever, I dunno, you pick :) Pier -- I think that it's extremely foolish to name a server after the current U.S. President. B.W. Fitzpatrick -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>