On 11/23/22 12:43, Robert Turner wrote:
My 2 cents:

I think that it would be a very strange change to make to a generic product
and a "sample" configuration file. If Tomcat was packaged in a
distribution, that might be a more reasonable suggestion. I don't think
Tomcat is insecure because of this; binding to addresses/ports is a key
part of configuration of any deployed system and the responsibility of the
person(s) deploying it to ensure correct basic configuration (which this is
part of).

MySQL has shipped with the out of the box config only listening on localhost for a while now, on Ubuntu at least.  Solr, the project I am most heavily involved in, made that change starting with version 9.0.0.  We just released version 9.1.0.  This is becoming a default configuration for a LOT of software ... nobody can attack a new service or do something they're not authorized to do if they cannot reach it on the network.  If your physical security is good, software like this cannot be attacked until the admin chooses to open it up beyond localhost.

I think it's perfectly reasonable for Tomcat to do the same, but maybe in a new major version.

Thanks,
Shawn
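The "only listen on localhost" default under discussion comes down to the bind address of each listener. As an added example, not code from this thread or the Tomcat project, here is a small audit that reads a Tomcat server.xml and reports any Connector not pinned to a loopback address; it uses the real Connector `address` attribute, and the server.xml content is constructed.

```python
"""Audit a Tomcat server.xml for Connectors reachable beyond localhost.

Added example, not code from Tomcat or from this mailing-list thread.
It relies on the real Connector 'address' attribute. A connector with no
'address' is treated as exposed here (conservative): the stock HTTP
connector binds all local addresses, and defaults vary by connector type
and Tomcat version, so check the docs for the version you run.
"""
import xml.etree.ElementTree as ET

# Addresses that keep a connector reachable only from the local host.
LOOPBACK = {"127.0.0.1", "::1", "localhost"}

# Constructed server.xml: one connector as in the shipped sample config
# (no address), one pinned to loopback.
SAMPLE_SERVER_XML = """<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000"/>
    <Connector port="8009" protocol="AJP/1.3" address="127.0.0.1"/>
  </Service>
</Server>
"""


def audit_connectors(server_xml: str) -> list[dict]:
    """Return one record per Connector: port, protocol, address, exposed."""
    root = ET.fromstring(server_xml)
    findings = []
    for conn in root.iter("Connector"):
        address = conn.get("address")  # None -> not pinned to any address
        # Wildcards (0.0.0.0, ::) and specific interface IPs are both
        # reachable from the network; only loopback values are not.
        exposed = address is None or address not in LOOPBACK
        findings.append({
            "port": conn.get("port"),
            "protocol": conn.get("protocol", "HTTP/1.1"),
            "address": address or "<all interfaces>",
            "exposed": exposed,
        })
    return findings


def exposed_ports(server_xml: str) -> list[str]:
    """Ports whose connector is reachable from the network, not just localhost."""
    return [f["port"] for f in audit_connectors(server_xml) if f["exposed"]]


if __name__ == "__main__":
    for f in audit_connectors(SAMPLE_SERVER_XML):
        flag = "EXPOSED " if f["exposed"] else "loopback"
        print(f"{flag} {f['protocol']:<9} port {f['port']:<5} {f['address']}")
```

Run against a real server.xml, an empty result from `exposed_ports` means every connector is confined to the host until an admin deliberately opens it up.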


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org