Carrie Salazar wrote: > I did see my JSP source whe I tried this bug (Tomcat 4.0.4/Apache > 2.0.40). I just deleted my JKMount to servlet and mapped only > the applications being used as mentioned in this group and > now I can no longer see my JSP source with this method. > > I'll eventually move to Tomcat 4.0.5 but I wanted to apply > some security immediately.
Yes, you can remove the sevlet invoker mapping as I noted in the email on the security issue or on the Jakarta website news post. Remy -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
