Hi
I found out that we run our tomcat as user root, and in
plain jsp I'm able to trash /etc/passwd :-)
what is the advised setup for a tomcat server that
is shared by several users (contexts) and runs
some virtual domains ?
thanks,
*pike
==========
Aoccdrnig to rscheearch at Cmabrigde Uinervtisy,
it deosn't mttaer in waht oredr the ltteers in a wrod are, the olny
iprmoetnt tihng is taht the frist and lsat ltteer be at the rghit pclae.
The rset can be a total mses and you can sitll
raed it wouthit porbelm. Tihs is bcuseae the huamn mnid deos not
raed ervey lteter by istlef, but the wrod as a wlohe.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
