Hello
If I have changed the default admin & manager
passwords and have a personal firewall preventing
anything other than http & http:8080 access, is it
still possible for people to view the tomcat-users.xml
file? With only those two protocols open (plus udp 53
for dns)it should be impossible.
What is the best practice for running TC "hardened"?
Run it as a seperate user with read only? To
implement jaas/how? Any recommendations, url would be
appreciated. tia.
__________________________________
Yahoo! Mail - PC Magazine Editors' Choice 2005
http://mail.yahoo.com
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
