In a server environment, no.
http://jakarta.apache.org/tomcat/faq/security.html#8005
-Tim
NAIK,ROSHAN (HP-Cupertino,ex1) wrote:
Given that _anybody_ on the local machine could simply telnet to the
port and issue a "SHUTDOWN" command. Isnt the current shutdown mechanism in
Tomcat 4 a security i
Roshan,
This assumes ...
The user has access to log onto the machine.
The user has access to read the server.xml file to find out what the shutdown command.
assuming you havn't changed the shutdown command to something less predictable
You may wish to set it to something else.
Of course if you k
