Re: Tomcat 6: what are the risks of not using Security Manager

2011-12-15 Thread Christopher Schultz
Jan-Willem,
On 12/14/11 4:05 AM, jwklomp wrote:
> I'm migrating existing applications to Tomcat and setting Tomcat up
> as described in the 'Security Configuration Benchmark for Apache
> Tomcat 5.5/6.0' of the Center of Internet Security.
>
> The ben

Re: Tomcat 6: what are the risks of not using Security Manager

2011-12-14 Thread markt
jwklomp wrote:
>
>Hello,
>
>I'm migrating existing applications to Tomcat and setting Tomcat up as
>described in the 'Security Configuration Benchmark for Apache Tomcat
>5.5/6.0' of the Center of Internet Security.
>
>The benchmark recommends enabling the Security Manager. However, I'm
>experien

Re: Tomcat 6: what are the risks of not using Security Manager

2011-12-14 Thread Mark Thomas
jwklomp wrote:
>
>Hello,
>
>I'm migrating existing applications to Tomcat and setting Tomcat up as
>described in the 'Security Configuration Benchmark for Apache Tomcat
>5.5/6.0' of the Center of Internet Security.
>
>The benchmark recommends enabling the Security Manager. However, I'm
>experien

RE: Tomcat 6: what are the risks of not using Security Manager

2011-12-14 Thread Caldarale, Charles R
> From: jwklomp [mailto:janwillem.kl...@gmail.com]
> Subject: Tomcat 6: what are the risks of not using Security Manager
> My question is: how secure is Tomcat without the Security Manager enabled
Tomcat itself is secure; it's your webapps you have to think about. Can they b

Tomcat 6: what are the risks of not using Security Manager

2011-12-14 Thread jwklomp
Hello, I'm migrating existing applications to Tomcat and setting Tomcat up as described in the 'Security Configuration Benchmark for Apache Tomcat 5.5/6.0' of the Center of Internet Security. The benchmark recommends enabling the Security Manager. However, I'm experiencing that none of the apps