Your message dated Fri, 30 Nov 2007 08:38:14 -0200
with message-id <[EMAIL PROTECTED]>
and subject line Fw: Tudo de graca
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: tomcat4
Version: 4.1.30-6
Severity: wishlist
At present, /etc/tomcat4/server.xml is mode 644. This means that any
legitimate user or rogue process has access to the shutdown
string and can shut tomcat down. This is a minor DoS and something of
a corner case (it affects tomcat instances running on large multi-user
boxes and stymies hardening measures designed to allow a server to "play
hurt" (continue giving partial service when partially compromised)),
but still an interesting one. This could be overcome by creating a
tomcat4 group, running the tomcat instance with this group ID,
changing the group ownership of server.xml to tomcat4 and changing
the mode to 640. This provides both confidentiality of the
shutdown secret and prevents a compromised tomcat instance from
manipulating its own configuration (because while the tomcat4
group can read the file, only root can write it).
- Raz
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.6-1-686
Locale: LANG=C, LC_CTYPE=C
Versions of packages tomcat4 depends on:
ii adduser 3.59 Add and remove users and groups
ii apache-utils 1.3.31-3 Utility programs for webservers
ii eclipse-javac [java-compiler 2.1.3-4 Eclipse Java compiler and ant plug
ii j2re1.3 [java-virtual-machin 1.3.1.02b-2 Blackdown Java(TM) 2 Runtime Envir
ii j2re1.4 [java-virtual-machin 1.4.1-6 Blackdown Java(TM) 2 Runtime Envir
ii j2sdk1.3 [java-compiler] 1.3.1.02b-2 Blackdown Java(TM) 2 SDK, Standard
ii j2sdk1.4 [java-compiler] 1.4.1-6 Blackdown Java(TM) 2 SDK, Standard
pn libtomcat4-java Not found.
-- no debconf information
--- End Message ---
--- Begin Message ---
Pessoal, recebi este e-mail e estou repassando...
---
Vocês sabiam que na internet existem sites que oferecem material de qualidade e
de graça?
Encontrei um site na internet que disponibiliza muito material de qualidade e
de GRAÇA.
O site é www.tudodegraca.4d2.net
Algumas apostilas oferecidas são:
"Kit de Mágicas"
"Guia de Sedução"
"Curso de Auto-Hipnose"
"Curso de Desenho"
"Ringtones para celular"
e várias outras...
Esse é um material GRATUITO de qualidade que está praticamente esquecido na
internet. Vamos repassar essa oportunidade aos nossos amigos e avisar o maior
número de pessoas!
Repetindo, o site é: www.tudodegraca.4d2.net
Abraços
--- End Message ---
_______________________________________________
pkg-java-maintainers mailing list
pkg-java-maintainers@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/pkg-java-maintainers
