Howdy, >We will install Tomcat 4.1.24 on a server which is behind our corporate
Why not 4.1.27? >Now, my question is that, what is the common practice to guard against >people accessing the catalina_home directory? I plan to install Tomcat on >the D drive instead of the C drive where the OS resides. Just in case if >the Windows OS is compromised, it may or may not affect Tomcat. Use a security manager: http://jakarta.apache.org/tomcat/tomcat-4.1-doc/security-manager-howto.h tml Make your security policy as restrictive as possible. Deploy a packed war and leave it packed, i.e. set unpackWARs=false in server.xml. Also autoDeploy=false to increase performance and security. Yoav Shapira This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
