-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Roger,
On 5/9/20 20:45, Roger Marquis wrote: > calder wrote: >> We've never had occasion to use the password, because we disable >> shutdown (the better option). > > Never did understand this Tomcat oddity. What other application > is configured by default to open a tcp socket just to receive a > shutdown command? Then there the default password, both of which, > IMO, warrant a CVE. > > Would be far better i.e. more standards-based and secure, if the > socket were an option and the default stop method was, like > everything else, to use rc/init/service/systemctl/whatever. > > OTOH, a quick look at the startup, shutdown, catalina, ... scripts, > much less their lack of reliability, makes a little clearer why > some devops might want to avoid the shipped daemon control > scripts. Would you care to be specific? I've been running Tomcat for nearly 20 years and never had any problems with the standard service-management scripts. - -chris -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl65ndAACgkQHPApP6U8 pFi9yg/+PgGGkfEPTgkFOSGSQJlMRQITC4A6NN6ioxhm89tJz/r1RK6xLQOinW84 O3ZtKrSq2uvYzd5ZEMzlcCDP7NyRpS3xT1DlS15+n5kSI5xMhOkkHbOaaRkW+kd6 xqS7OmLH7TkgWkVEn/LsZp7haS5e9z9KSYF+Ychwye7DlpmC+td9N45egWHbV9VF iNYsNvElwNx7q1D7phst6Xcn1QC707EVajRRowpeOyMZyOXBfpczy8OzU6f3d+g7 yDbFSGW0GXBkvgorRXzYxzYHYzvB3fBHaLWeo+TzM75oibzu5hQs/wh6QU+sQ5Jd Fcp3pyRHP+h223GAwCzOQRFjCFinDlFHcDWkebvgUkmC/QyqWIWZUbWJOfbjMO/W 0l63NoFCSXuP3//XsUSLeER3dhP7aNxuyfXsSTiM4kTX7KnHlwXxS9/umd3JXJRS KKqcDhaRg9ItsJfY1HKPccEd/2A1wLWuJHZOPLfqBvQYUApBoN5gaK4qJleS3Dn1 xEYNdfpq+MO1J8GBtkb4leSA3ujPc1uW1oo1ziNnZsZ3AAJled4G+L1p+vid0ggc 7StgWbpalJHMp9t7RjP54OV00Pfm0kN/XcnGhvXVgeAJUFQ7wlD8nPLNjxZnpqaF JJLkDfgGbyohaTF48+miIWt/kDW0lw0AMy9ZYp6JMcFausKIvP4= =JAmR -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org