Mark,
On 8/29/24 03:44, Mark Thomas wrote:
On 28/08/2024 22:27, Christopher Schultz wrote:
On 8/28/24 06:48, Mark Thomas wrote:
<snip/>
I've restructured the page. I've added the things you suggested. Any
better?
Yes, I like your work, here. I committed some minor changes. Mostly
re-wording the "giving the attacker administrative rights before an
attack is cheating" bit.
I was tempted to edit that page to include that quote. It sums it up
rather nicely.
I did make a minor addition to clarify that standard distributions were
from the ASF. I don't think any downstream is adding their own web
applications but just in case...
I'll ping the security@ folks for a review before we start linking to
this from the other security pages.
+1
I wonder if the term "Security Model" is correct for this page, but it's
okay with me.
-chris
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
