> From: Tim Funk [mailto:[EMAIL PROTECTED] 
> If you have an evil admin, there is nothing stopping the him from 
> sniffing the network, or starting tomcat with a debugger 
> which can look 
> at the memory or {insert evil action here} ;)

Sure.  Or do the old trick we used to do with Suns - L1-A out of the
kernel, then poke through the data structures in memory with the
built-in ROM debugger (thanks Sun).  Any (non-quantum?) system can be
compromised with enough effort.  The aim is merely to make the hack
sufficiently difficult that most corrupt admins would reckon there are
easier (and/or more profitable) hacks elsewhere.  Or, put another way,
"when outrunning a dragon, you don't have to run faster than the dragon.
You just have to run faster than the dwarf."

                - Peter

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to