Just ask them to google for security-issues linked to PHP and issues linked to any servlet-container (aka Tomcat).
If they want it more specific, ask them to read through some relevant mailing-list-archives such as full-disclosure. OK, that's not about performance, but we f.e. do not use PHP due to it's security-footprint. Sure, if one know his ways arround in PHP and know the sources of every module used in PHP and has checked them for any security-concern, it may work - however: I've never met such a person... Rgds Gregor -- just because your paranoid, doesn't mean they're not after you... gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2 gpgp-key available @ http://pgpkeys.pca.dfn.de:11371 --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
