It is generally safer for a higher security zone to have read\write access to a lower security zone. It would be more of a risk for the lower zone to be able to read\write to the higher zone.
By broadcast I am referring to a UDP Broadcast domain (multicast) ex:224.0.0.2. The application in the higher zone sends a multi-cast broadcast to nodes in its broadcast domain to indicate "changes" (whatever it may be be). In the case of Tomcat it will be used to load resource files, and possible restart the services (if required). On Mon, Mar 9, 2009 at 2:29 PM, Caldarale, Charles R < chuck.caldar...@unisys.com> wrote: > > From: dOE [mailto:doep...@gmail.com] > > Subject: Re: Security issues sending broadcast traffic. > > > > Does anyone know of any security issues when sending > > broadcast traffic from a high security zone (firewall > > DMZ's) to a tomcat server located in a lower security zone? > > How many issues would you like? Strictly speaking, the above is a high > risk for declassification. In reality, you question is too nebulous to > answer meaningfully. > > > It is the higher security "writing" \ "accessing" the lower > > security so initial guesses are that this should be fine, > > You have it backwards. > > > Any incite with this is greatly appreciated in advance. > > As in "incite a riot"? > > - Chuck > > > THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY > MATERIAL and is thus for use only by the intended recipient. If you received > this in error, please contact the sender and delete the e-mail and its > attachments from all computers. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
