"Pier Fumagalli" <[EMAIL PROTECTED]> wrote:
> "Daniel Rall" <[EMAIL PROTECTED]> wrote:
>
>> I hadn't been able to reach the one at 8080 from off the machine since
>> Pier installed the mod_proxy ProxyPass magic for httpd (other than by
>> telnetting from the box and submitting the HTTP request by hand).
>> Personally, I much prefer not having to provide the port number (go
>> Pier!).
>
> Security hole... 8080 is bound only to 127.0.0.1... Now we control who gets
> into Tomcat, and the HTTP stack on Apache is _much_more_solid_...
Sorry, this might sound harsh... There's no known security hole in TC's HTTP
connector, it's just security "consciousness".... Or whatever, I dunno, you
pick :)
Pier
--
I think that it's extremely foolish to name a server after the current U.S.
President. B.W. Fitzpatrick
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
