Caldarale, Charles R wrote:
From: Curtis Garman [mailto:curt.gar...@gmail.com]
Subject: Re: tomcat 6.0.18 shutdown address
yes...this is what I was told...thanks all for the info
Unfortunately, pretty much all of what André wrote was wrong, as Mark explained.
I apologise for the nonsense I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
André,
On 2/19/2010 5:45 AM, André Warnier wrote:
- Since address 127.0.0.1 is the local loopback address on any host, a
process can only connect to it from the local host, and from nowhere else.
Yes, but things like SSH tunnels can be used to
Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
André,
On 2/19/2010 5:45 AM, André Warnier wrote:
- Since address 127.0.0.1 is the local loopback address on any host, a
process can only connect to it from the local host, and from nowhere else.
Yes, but things like
I'm moving from tomcat 5.5.25 to tomcat 6.0.18 and have noticed one problem.
I use to be able to define the following in my server.xml
Server port=8005 shutdown=SHUTDOWN *address=127.0.0.1*
...
/Server
but now the address portion won't work...I only want shutdown commands to be
able to come from
On 18/02/2010 15:14, Curtis Garman wrote:
I'm moving from tomcat 5.5.25 to tomcat 6.0.18 and have noticed one problem.
I use to be able to define the following in my server.xml
Server port=8005 shutdown=SHUTDOWN *address=127.0.0.1*
...
/Server
but now the address portion won't work...I only
Is this something new for tomcat 6?...I was told there was a security
vulnerability there with tomcat 5
On Thu, Feb 18, 2010 at 9:27 AM, Pid p...@pidster.com wrote:
On 18/02/2010 15:14, Curtis Garman wrote:
I'm moving from tomcat 5.5.25 to tomcat 6.0.18 and have noticed one
problem.
I use
From: Curtis Garman [mailto:curt.gar...@gmail.com]
Subject: Re: tomcat 6.0.18 shutdown address
Is this something new for tomcat 6?...I was told there was a security
vulnerability there with tomcat 5
You were misinformed. The shutdown port has always been open only on
127.0.0.1. Tomcat 6
On 18/02/2010 15:42, Curtis Garman wrote:
Is this something new for tomcat 6?...I was told there was a security
vulnerability there with tomcat 5
By whom? It has been this way since Tomcat 4. The issue, if I recall
correctly, was with some of the Tomcat 3 releases.
Mark
On Thu, Feb 18,
Curtis Garman wrote:
Is this something new for tomcat 6?...I was told there was a security
vulnerability there with tomcat 5
Yes. At some point in time inversion 5.0 or 5.5 or 6.0, someone
realised that if this shutdown port allowed connections from anywhere,
there was a theoretical
Mark Thomas wrote:
On 18/02/2010 15:42, Curtis Garman wrote:
Is this something new for tomcat 6?...I was told there was a security
vulnerability there with tomcat 5
By whom? It has been this way since Tomcat 4. The issue, if I recall
correctly, was with some of the Tomcat 3 releases.
On 18/02/2010 15:42, Curtis Garman wrote:
Is this something new for tomcat 6?...I was told there was a security
vulnerability there with tomcat 5
I don't see an address property in either of the below:
http://tomcat.apache.org/tomcat-5.5-doc/config/server.html
yes...this is what I was told...thanks all for the info
On Thu, Feb 18, 2010 at 9:52 AM, André Warnier a...@ice-sa.com wrote:
Curtis Garman wrote:
Is this something new for tomcat 6?...I was told there was a security
vulnerability there with tomcat 5
Yes. At some point in time inversion
From: Curtis Garman [mailto:curt.gar...@gmail.com]
Subject: Re: tomcat 6.0.18 shutdown address
yes...this is what I was told...thanks all for the info
Unfortunately, pretty much all of what André wrote was wrong, as Mark explained.
So again, what you were told was false.
- Chuck
On 18/02/2010 23:08, Curtis Garman wrote:
yes...this is what I was told... thanks all for the info
To be clear: Mark's answer is the correct one.
p
On Thu, Feb 18, 2010 at 9:52 AM, André Warniera...@ice-sa.com wrote:
Curtis Garman wrote:
Is this something new for tomcat 6?...I was
14 matches
Mail list logo