Hmm ok. Is there any way to encrypt the passwords stored in server.xml on top of that? I'll take all the security I can get. :-)
--- Yiannis Mavroukakis <[EMAIL PROTECTED]> wrote: > I will assume you mean protect the file from being > read. The > easiest way to do that is to assign read/write > permission to the file > to whoever user is running tomcat and remove all > permissions from group. > That also assumes that you are running some flavour > of Unix, but you could > achieve the same with Win32 security. > > -----Original Message----- > From: Sonny Sukumar [mailto:[EMAIL PROTECTED] > Sent: 10 March 2004 01:40 > To: [EMAIL PROTECTED] > Subject: How to protect server.xml? > > > > Hey guys, > > I have both a keystore password and a database > connection user name/password in cleartext in my > server.xml file and I don't know how to get around > that. > > In light of this, has anybody come up with a way to > protect server.xml? Is there a way to encrypt these > passwords? Or perhaps to encrypt the whole > server.xml > file itself? > > This has been weighing on my mind for a few months > now, and I couldn't find a solution in the mailing > list archives. > > I'd appreciate any help! > > Tomcat version: 4.1.27 > > > __________________________________ > Do you Yahoo!? > Yahoo! Search - Find what you're looking for faster > http://search.yahoo.com > > --------------------------------------------------------------------- > To unsubscribe, e-mail: > [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] > > > ________________________________________________________________________ > This e-mail has been scanned for all viruses by Star > Internet. The > service is powered by MessageLabs. > > > Note:__________________________________________________________________ > This message is for the named person's use only. It > may contain > confidential, proprietary or legally privileged > information. No > confidentiality or privilege is waived or lost by > any mistransmission. > If you receive this message in error, please > immediately delete it and > all copies of it from your system, destroy any hard > copies of it and > notify the sender. You must not, directly or > indirectly, use, disclose, > distribute, print, or copy any part of this message > if you are not the > intended recipient. Jaguar Freight Services and any > of its subsidiaries > each reserve the right to monitor all e-mail > communications through its > networks. > Any views expressed in this message are those of the > individual sender, > except where the message states otherwise and the > sender is authorized > to state them to be the views of any such entity. > ________________________________________________________________________ > This e-mail has been scanned for all viruses by Star > Internet. The > service is powered by MessageLabs. __________________________________ Do you Yahoo!? Yahoo! Search - Find what you’re looking for faster http://search.yahoo.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]