I have a question because my tomcat is running on a solaris machine. I'm not the admin. I know it's easily possible to connect to that server pc for lot's of people.
So I tried to use rlogin myself, telnet localhost 8005, say SHUTDOWN and down was the server. Unfortunately anyone else could have done it, too. Except changing the "SHUTDOWN" command to something more secret and preventing server.xml from reading, i have no idea how to prevent shutdown, because I don't think it'll be possible to prevent other users from rlogin to this server machine. My questions (maybe not all are equally reasonable, but at least I want to get an idea about several options): 1. Is it possible to disable the listener at port 8005 completely? 2. Except the file permissions and changing the SHUTDOWN command, is there any other way on solaris to prohibid telnet localhost 8005 in any way for users (a bit unix specific, i know) 3. If I change the SHUTDOWN command to something else, will I still be able to use shutdown.sh? I mean what mechanismn does the shutdown.sh use? Is it mainly doing tcp/ip and sending this command, then I suggest I would have to change the shutdown.sh to use the new secret word. If yes, how to do it? Thanks Michael --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
