Calder,

On 5/9/20 00:36, calder wrote:
> On Fri, May 8, 2020 at 9:07 PM calder <calder....@gmail.com>
> wrote:
>>
>> On Fri, May 8, 2020, 19:20 Robert Hicks <robert.hi...@gmail.com>
>> wrote:
>>>
>>> I am trying to find what the password complexity can be. I've
>>> looked at several hardening guides and they are all
>>> "WordsLikeThis". Does the shutdown password take symbols and
>>> numbers or at least hyphenated words?
>>
>>
>> We've never had occasion to use the password, because we disable
>> shutdown (the better option).
>>
>> However, my best guess is one could use anything. One could check
>> the source code, or better yet, set up a Dev instance and give it
>> a quick test - a 15 minute exercise at most.
>
> Gave it a test.
>
> In server.xml, we have
> <Server port="8005" shutdown="fdsa$#@JKL:^">
>
> and then fire it up
>
> user@stimpy:~/bin/apache-tomcat/bin> ./catalina.sh start > log.log 2>&1
>
> user@stimpy:~/bin/apache-tomcat/bin> ps aux | grep java
> user 7223 531 1.2 21006280 812812 pts/2 Sl 23:22 0:13 /home/ [ ... ]
>
> user@stimpy:~/bin/apache-tomcat/bin> ./shutdown.sh stop
>
> user@stimpy:~/bin/apache-tomcat/bin> ps aux | grep "bin/java"
> [ no response ]
>
> If we start up TC and change server.xml entry to (removed one char
> at end) <Server port="8005" shutdown="fdsa$#@JKL:"> TC won't shut
> down.
>
> Keep in mind - some characters won't work like & or ( or ) - at
> least on Unix-style OSes as the shell may want to interpret them.

What makes you say that? What does the shell have to do with anything?

-chris
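
A configuration check for the `<Server>` element discussed in this thread, as an added example that is not part of the original messages or of Tomcat itself: it reads server.xml fragments with an XML parser and reports whether the shutdown port is disabled (`port="-1"`), left at Tomcat's default `SHUTDOWN` string, or set to a custom string, returning the value after XML entity decoding. The function name `audit_server_xml`, the `SAMPLES` table and all sample values except the string taken from the thread are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed server.xml fragments; only "symbols" uses the value from the thread.
SAMPLES = {
    "default":  '<Server port="8005" shutdown="SHUTDOWN"/>',
    "symbols":  '<Server port="8005" shutdown="fdsa$#@JKL:^"/>',
    "escaped":  '<Server port="8005" shutdown="a&amp;b(c)&lt;d"/>',
    "disabled": '<Server port="-1" shutdown="SHUTDOWN"/>',
    "raw_amp":  '<Server port="8005" shutdown="a&b"/>',  # not well-formed XML
}


def audit_server_xml(xml_text):
    """Return (status, detail) for the <Server> shutdown listener settings."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        # A bare '&' or '<' inside an attribute value makes the file unparseable.
        return ("invalid-xml", str(exc))
    if root.tag != "Server":
        return ("invalid-xml", "root element is not <Server>")

    # Tomcat's defaults when the attributes are omitted.
    port = root.get("port", "8005")
    command = root.get("shutdown", "SHUTDOWN")

    if port == "-1":
        # port="-1" turns the shutdown listener off entirely.
        return ("disabled", "shutdown port is turned off")
    if command == "SHUTDOWN":
        return ("default-command", f"port {port} accepts the default string")
    # The parser has already decoded entities such as &amp; and &lt;,
    # so this is the literal string the listener will compare against.
    return ("custom-command", command)


if __name__ == "__main__":
    for name, fragment in SAMPLES.items():
        status, detail = audit_server_xml(fragment)
        # Avoid echoing a real secret in audit output; print its length instead.
        shown = f"{len(detail)} characters" if status == "custom-command" else detail
        print(f"{name:9s} {status:16s} {shown}")
```
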