[Tomcat Wiki] Update of "FAQ/Security" by KonstantinKolinko

[Apache Wiki <wi...@apache.org>]

Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change notification.

The "FAQ/Security" page has been changed by KonstantinKolinko:
http://wiki.apache.org/tomcat/FAQ/Security?action=diff&rev1=14&rev2=15

Comment:
Add links to pages at tomcat.apache.org

  === Role of Customization ===
  
  We believe, and the evidence suggests, that Tomcat is more than secure enough for most use-cases. However, like all other components of Tomcat, you can customize any and all of the relevant parts of the server to achieve even higher security. For example, the session manager implementation is pluggable, and even the default implementation has support for pluggable random number generators. If you have a special need that you feel is not met by Tomcat out of the box, consider these customization options. At the same time, please bring up your requirements on the user mailing list, where we'll be glad to discuss it and assist in your approach/design/implementation as needed.
+ 
+ === Links ===
+ 
+  * Known vulnerabilities [[http://tomcat.apache.org/security.html]]
+  * Security considerations (Apache Tomcat 7 documentation) [[http://tomcat.apache.org/tomcat-7.0-doc/security-howto.html]]
  
  == Questions ==
   1. [[#Q1|How do I use OpenSSL to set up my own Certificate Authority (CA)?]]

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org