On 06/05/2021 14:09, Robert Hicks wrote:
We are getting evaluated and one of the items that I need to do is change
the "ServerInfo.properties" in the catalina.jar to set "server.info" and
"server.version" to nonsense (really).
I have the following Valve setup as well:
At what point would the
We are getting evaluated and one of the items that I need to do is change
the "ServerInfo.properties" in the catalina.jar to set "server.info" and
"server.version" to nonsense (really).
I have the following Valve setup as well:
At what point would the "ServerInfo.properties" actually show a
2017-05-11 17:21 GMT+03:00 Pesonen, Harri :
>
> Hello,
>
> the following lists Tomcat versions 8.5.0 – 8.5.12, does it mean that the
problem has been fixed in 8.5.13 and later?
yes
http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.13
Regards,
Violeta
>
>
Hello,
the following lists Tomcat versions 8.5.0 - 8.5.12, does it mean that the
problem has been fixed in 8.5.13 and later?
https://nvd.nist.gov/vuln/detail/CVE-2017-5651
I assume that it has been fixed, as 8.5.13 readme has:
* [Fix:]
: Guy Pontecorvo [mailto:guy.ponteco...@pearson.com]
Sent: Friday, January 21, 2011 11:56 AM
To: users@tomcat.apache.org
Subject: Security question about Multiple instances of Tomcat running
as non-admin users on a single box
We currently run multiple instances of tomcat Version 6.0.20, each
Hi,
On 25 January 2011 18:00, Guy Pontecorvo guy.ponteco...@pearson.com wrote:
We run as many as 15 apps on a single xServe box. The corresponding Oracle
10g databases run on a separate server. Everything is automated. Start up,
shutdown, updates etc. are scripted and executed using sudo.
-
From: Guy Pontecorvo [mailto:guy.ponteco...@pearson.com]
Sent: Friday, January 21, 2011 11:56 AM
To: users@tomcat.apache.org
Subject: Security question about Multiple instances of Tomcat running
as non-admin users on a single box
We currently run multiple instances of tomcat Version
Guy Pontecorvo schrieb am 21.01.2011 um 09:56 (-0800):
We currently run multiple instances of tomcat Version 6.0.20, each in
its own non-admin user account under Mac OSX 10.5. This has been a
great way to host multiple web applications (student information
systems) on a single box. Each app
On 1/21/11 5:56 PM, Guy Pontecorvo wrote:
Because Xserve is being discontinued we are considering the possibility of
migrating our environment to Windows 2008 R2
The JDK tools have a few more small functions on *nix than Windows -
small but rather useful. This IMHO, is one key reason to stick
We currently run multiple instances of tomcat Version 6.0.20, each in its
own non-admin user account under Mac OSX 10.5. This has been a great way to
host multiple web applications (student information systems) on a single
box. Each app is secure in its own user account space and can't read or
it the way you do now. It's
called a pilot program.
Jeff
-Original Message-
From: Guy Pontecorvo [mailto:guy.ponteco...@pearson.com]
Sent: Friday, January 21, 2011 11:56 AM
To: users@tomcat.apache.org
Subject: Security question about Multiple instances of Tomcat running
as non
Hi,
I'm running Tomcat 5.5.20 with an application built under Netbeans 5.5.
The application works fine. I've found a number of things on the web
regarding the issue of running as a non-root user, but none match my
needs exactly. If someone could point me at the right documentation, or
answer
On 4/11/07, Neil B. Cohen [EMAIL PROTECTED] wrote:
Situation - I am installing tomcat and running it on port 8080. However,
it is currently being started by the root user and I need to change
that.
If I just run the startup script as user 'foo', I get errors because it
can't read various
I didn't realize it could be that simple :) Thanks very much - I will
give that a try...
Much obliged,
nbc
On Wed, 2007-04-11 at 07:59 -0700, Hassan Schroeder wrote:
On 4/11/07, Neil B. Cohen [EMAIL PROTECTED] wrote:
Situation - I am installing tomcat and running it on port 8080.
Did you try running tomcat with JSVC. It'll run it as a deamon with the user
privileges of your choicde
On 4/11/07, Neil B. Cohen [EMAIL PROTECTED] wrote:
I didn't realize it could be that simple :) Thanks very much - I will
give that a try...
Much obliged,
nbc
On Wed, 2007-04-11 at
Prabhat Kumar (IT) wrote:
I am trying to figure out how to prevent a situation where a user has a runaway
page that is a super user page (and unauthorized). The page has a text area
that takes an SQL query and executes this on the applications database.
My question is, how can such
I am trying to figure out how to prevent a situation where a user has a runaway
page that is a super user page (and unauthorized). The page has a text area
that takes an SQL query and executes this on the applications database.
My question is, how can such unauthorized tasks be prevented in
17 matches
Mail list logo