You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Ramilio D <sp...@hotmail.com> on 2002/09/25 06:29:53 UTC
Tomcat Security Problem Help (using mod_jk)
Hi Everyone,
I read in the buqraq posting that I could fix the source code exposure
vulnerablilty in tomcat by modifying the JkMount directive. I took a quick
look at some documentation but I couldn't figure out how to allow apache
serve servlets yet disallow those containing the
org.apache.catalina.servlets.DefaultServlet string.
Any help would be greatly appreciated
Cheers,
_________________________________________________________________
Send and receive Hotmail on your mobile device: http://mobile.msn.com
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: Tomcat Security Problem Help (using mod_jk)
Posted by Milt Epstein <me...@uiuc.edu>.
On Wed, 25 Sep 2002, Ramilio D wrote:
> Hi Everyone,
>
> I read in the buqraq posting that I could fix the source code
> exposure vulnerablilty in tomcat by modifying the JkMount
> directive. I took a quick look at some documentation but I couldn't
> figure out how to allow apache serve servlets yet disallow those
> containing the org.apache.catalina.servlets.DefaultServlet string.
>
> Any help would be greatly appreciated
I believe the report about it that was sent to this list (one of them,
at least) had some detailed instructions about how to do this. I
suggest checking the list archives.
Milt Epstein
Research Programmer
Integration and Software Engineering (ISE)
Campus Information Technologies and Educational Services (CITES)
University of Illinois at Urbana-Champaign (UIUC)
mepstein@uiuc.edu
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>