Tomcat Security Problem Help (using mod_jk)

[Ramilio D <sp...@hotmail.com>]

Hi Everyone,

I read in the buqraq posting that I could fix the source code exposure 
vulnerablilty in tomcat by modifying the JkMount directive. I took a quick 
look at some documentation but I couldn't figure out how to allow apache 
serve servlets yet disallow those containing the 
org.apache.catalina.servlets.DefaultServlet string.

Any help would be greatly appreciated

Cheers,


_________________________________________________________________
Send and receive Hotmail on your mobile device: http://mobile.msn.com


--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>

Re: Tomcat Security Problem Help (using mod_jk)

[Milt Epstein <me...@uiuc.edu>]

On Wed, 25 Sep 2002, Ramilio D wrote:

> Hi Everyone,
>
> I read in the buqraq posting that I could fix the source code
> exposure vulnerablilty in tomcat by modifying the JkMount
> directive. I took a quick look at some documentation but I couldn't
> figure out how to allow apache serve servlets yet disallow those
> containing the org.apache.catalina.servlets.DefaultServlet string.
>
> Any help would be greatly appreciated

I believe the report about it that was sent to this list (one of them,
at least) had some detailed instructions about how to do this.  I
suggest checking the list archives.

Milt Epstein
Research Programmer
Integration and Software Engineering (ISE)
Campus Information Technologies and Educational Services (CITES)
University of Illinois at Urbana-Champaign (UIUC)
mepstein@uiuc.edu


--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>