You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by is...@apache.org on 2018/10/23 04:26:21 UTC

svn commit: r1844615 - /tomcat/trunk/webapps/docs/security-howto.xml

Author: isapir
Date: Tue Oct 23 04:26:21 2018
New Revision: 1844615

URL: http://svn.apache.org/viewvc?rev=1844615&view=rev
Log:
Added JniLifecycleListener statement to security-howto BZ 62830

Modified:
    tomcat/trunk/webapps/docs/security-howto.xml

Modified: tomcat/trunk/webapps/docs/security-howto.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/security-howto.xml?rev=1844615&r1=1844614&r2=1844615&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/security-howto.xml (original)
+++ tomcat/trunk/webapps/docs/security-howto.xml Tue Oct 23 04:26:21 2018
@@ -239,8 +239,9 @@
       <p>The APR Lifecycle Listener is not stable if compiled on Solaris using
       gcc. If using the APR/native connector on Solaris, compile it with the
       Sun Studio compiler.</p>
-
-      <p>The Security Listener should be enabled and configured as appropriate.
+      <p>The JNI Library Loading Listener may be used to load native code. It should
+      only be used to load trusted libraries.</p>
+      <p>The Security Lifecycle Listener should be enabled and configured as appropriate.
       </p>
     </subsection>
 
@@ -375,7 +376,7 @@
       context as required.</p>
 
       <p>Any administrative application should be protected by a
-      RemoteAddrValve. (Note that this Valve is also available as a Filter.)
+      RemoteAddrValve (this Valve is also available as a Filter).
       The <strong>allow</strong> attribute should be used to limit access to a
       set of known trusted hosts.</p>
 
@@ -391,7 +392,7 @@
       <p>Modify the values as required. Note that this will also change the version
       number reported in some of the management tools and may make it harder to
       determine the real version installed. The CATALINA_HOME/bin/version.bat|sh
-      script will still report the version number.</p>
+      script will still report the correct version number.</p>
 
       <p>The default ErrorReportValve can display stack traces and/or JSP
       source code to clients when an error occurs. To avoid this, custom error
@@ -490,7 +491,7 @@
     <p>Modify the values as required. Note that this will also change the version
     number reported in some of the management tools and may make it harder to
     determine the real version installed. The CATALINA_HOME/bin/version.bat|sh
-    script will still report the version number.
+    script will still report the correct version number.
     </p>
 
     <p>The CGI Servlet is disabled by default. If enabled, the debug



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org