+1
>-----Original Message-----
>From: Andrey Kartashov [mailto:[EMAIL PROTECTED]]
>Sent: Sunday, May 13, 2001 12:12 AM
>To: [EMAIL PROTECTED]
>Subject: [PATCH] Secure defaults in server.xml + support for
>"multihomed" machines
>
>
>
>This patch is a result of our previous discussion with Henry
>about making
>more secure default bindings in "server.xml".
>
>Summary of changes:
>src/etc/server.xml:
> Added address="127.0.0.1" parameter to Ajp interceptors
>that should make
> them bind to "localhost" by default (At the very least
>someone won't be
> able to shutdown a server remotly now)
>
>src/share/org/apache/tomcat/modules/server/Ajp12Interceptor.java:
> Fixed to make it print IP into conf/ajp12.id in all the cases
> ( address.toString() does not always work the way we need here)
>
>src/share/org/apache/tomcat/util/IntrospectionUtils.java:
> Added support for method setXXX( InetAddress ) which is
>needed to do
> all the stuff described above.
>
>src/share/org/apache/tomcat/util/net/PoolTcpEndpoint.java:
> Fixed to make work properly when bound to interface
>other than "localhost"
>
>
>Attached please find diff.txt with all this changes.
>Diff is made using "cvs diff" against current state of
>jakarta-tomcat CVS
>repository.
>
>Please let me know what you think:)
>
>--
>oo Andrey
>oo
>oOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOo
>"All mail clients suck. This one just sucks less."
> -- http://www.mutt.org/ Jeremy Blosser
>oOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOo
>
