----- Original Message -----
> From: Christopher Schultz <ch...@christopherschultz.net>
> To: Tomcat Users List <users@tomcat.apache.org>
> Cc:
> Sent: Monday, December 12, 2011 11:45 AM
> Subject: Re: upgrading from 6.0.20 to 6.0.35
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hassan,
>
> On 12/9/11 11:38 AM, Hassan Schroeder wrote:
>> On Thu, Dec 8, 2011 at 11:13 PM, Pid * <p...@pidster.com> wrote:
>>
>>> Yes, but we still usually recommend starting afresh each time.
>>> It should relatively simple, just make a backup copy of each file
>>> you edit, first.
>>
>> Somewhat OT, but I would like to recommend git
>> (http://git-scm.com/) as the *perfect* way to manage
>> configurations.
>
> Or, at least *some* revision-control-tracking mechanism: CVS,
> Subversion, git, Mercurial, whatever.
>
I cannot add enough +1 to this. Security procedure or no, managing more than a
few servers without version control and software release management is asking
for disaster.
> Saunder Temme says that putting your server configuration under
> revision control is a recommended security procedure:
> http://people.apache.org/~sctemme/ApconNA2011/Hardening%20Enterprise%20Apache%202011.pdf
>
> Hmm... that presentation doesn't say it, but he's definitely mentioned
> it in the past.
>
> - -chris
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org