Pier Fumagalli <[EMAIL PROTECTED]> writes: > "Pier Fumagalli" <[EMAIL PROTECTED]> wrote: > >> "Daniel Rall" <[EMAIL PROTECTED]> wrote: >> >>> I hadn't been able to reach the one at 8080 from off the machine since >>> Pier installed the mod_proxy ProxyPass magic for httpd (other than by >>> telnetting from the box and submitting the HTTP request by hand). >>> Personally, I much prefer not having to provide the port number (go >>> Pier!). >> >> Security hole... 8080 is bound only to 127.0.0.1... Now we control who gets >> into Tomcat, and the HTTP stack on Apache is _much_more_solid_... > > Sorry, this might sound harsh... There's no known security hole in TC's HTTP > connector, it's just security "consciousness".... Or whatever, I dunno, you > pick :)
Even so, +1. If it doesn't _need_ to be open to the Internet at large, why open it? Apache httpd needs to be, but Catalina does not. -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
