Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
André,
On 2/19/2010 5:45 AM, André Warnier wrote:
- Since address 127.0.0.1 is the "local loopback" address on any host, a
process can only connect to it from the local host, and from nowhere else.
Yes, but things like
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
André,
On 2/19/2010 5:45 AM, André Warnier wrote:
> - Since address 127.0.0.1 is the "local loopback" address on any host, a
> process can only connect to it from the local host, and from nowhere else.
Yes, but things like SSH tunnels can be used to
Caldarale, Charles R wrote:
From: Curtis Garman [mailto:curt.gar...@gmail.com]
Subject: Re: tomcat 6.0.18 shutdown address
yes...this is what I was told...thanks all for the info
Unfortunately, pretty much all of what André wrote was wrong, as Mark explained.
I apologise for the nonsense I
On 18/02/2010 23:08, Curtis Garman wrote:
yes...this is what I was told... thanks all for the info
To be clear: Mark's answer is the correct one.
p
On Thu, Feb 18, 2010 at 9:52 AM, André Warnier wrote:
Curtis Garman wrote:
Is this something new for tomcat 6?...I was told there was a s
> From: Curtis Garman [mailto:curt.gar...@gmail.com]
> Subject: Re: tomcat 6.0.18 shutdown address
>
> yes...this is what I was told...thanks all for the info
Unfortunately, pretty much all of what André wrote was wrong, as Mark explained.
So again, what you were told was fals
yes...this is what I was told...thanks all for the info
On Thu, Feb 18, 2010 at 9:52 AM, André Warnier wrote:
> Curtis Garman wrote:
>
>> Is this something new for tomcat 6?...I was told there was a security
>> vulnerability there with tomcat 5
>>
>
> Yes. At some point in time inversion 5.0 or
On 18/02/2010 15:42, Curtis Garman wrote:
Is this something new for tomcat 6?...I was told there was a security
vulnerability there with tomcat 5
I don't see an address property in either of the below:
http://tomcat.apache.org/tomcat-5.5-doc/config/server.html
http://svn.apache.org/repos/as
Mark Thomas wrote:
On 18/02/2010 15:42, Curtis Garman wrote:
Is this something new for tomcat 6?...I was told there was a security
vulnerability there with tomcat 5
By whom? It has been this way since Tomcat 4. The issue, if I recall
correctly, was with some of the Tomcat 3 releases.
Ooops..
Curtis Garman wrote:
Is this something new for tomcat 6?...I was told there was a security
vulnerability there with tomcat 5
Yes. At some point in time inversion 5.0 or 5.5 or 6.0, someone
realised that if this "shutdown port" allowed connections from anywhere,
there was a theoretical possib
On 18/02/2010 15:42, Curtis Garman wrote:
> Is this something new for tomcat 6?...I was told there was a security
> vulnerability there with tomcat 5
By whom? It has been this way since Tomcat 4. The issue, if I recall
correctly, was with some of the Tomcat 3 releases.
Mark
>
> On Thu, Feb 18,
> From: Curtis Garman [mailto:curt.gar...@gmail.com]
> Subject: Re: tomcat 6.0.18 shutdown address
>
> Is this something new for tomcat 6?...I was told there was a security
> vulnerability there with tomcat 5
You were misinformed. The shutdown port has always been open onl
Is this something new for tomcat 6?...I was told there was a security
vulnerability there with tomcat 5
On Thu, Feb 18, 2010 at 9:27 AM, Pid wrote:
> On 18/02/2010 15:14, Curtis Garman wrote:
>
>> I'm moving from tomcat 5.5.25 to tomcat 6.0.18 and have noticed one
>> problem.
>> I use to be able
On 18/02/2010 15:14, Curtis Garman wrote:
I'm moving from tomcat 5.5.25 to tomcat 6.0.18 and have noticed one problem.
I use to be able to define the following in my server.xml
...
but now the address portion won't work...I only want shutdown commands to be
able to come from localhost...can s
I'm moving from tomcat 5.5.25 to tomcat 6.0.18 and have noticed one problem.
I use to be able to define the following in my server.xml
...
but now the address portion won't work...I only want shutdown commands to be
able to come from localhost...can someone help me? I don't know if the
syntax j
14 matches
Mail list logo
