-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Marcus,
Milanez, Marcus wrote: > I know.. This is quite difficult to address... > > Have your company adhered to SOX already? Erm... correct me if I'm wrong, but SOX is all about public disclosure of bad things happening. There are no preventative measures or anything like that. It's not like SOX says "you can't have cleartext passwords on computers directly connected to the Internet". Of course, if it did, you could always put your app server on a private subnet and then use a web server in your DMZ. This is my preferred deployment strategy, anyway. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGxfoq9CaO5/Lv0PARAvJkAKCc2RE+1Yij19PeD+Lq3mS0B2RrzwCfUPO1 LRXOg4o2WB60zoKQLUymTVc= =UhTn -----END PGP SIGNATURE----- --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
