Hi All,
It was brought to my attention that tomcat by default runs httpd trace and that it is a potential security hole. I don't understand what httpd trace is - can somebody explain? Is there a way to control this in tomcat (turning it on and off?) Thanks in advance! Ganesh
