- disable insecure selfservlet by default

author Elan Ruusamäe <glen@pld-linux.org>

Fri, 6 Jan 2006 18:48:00 +0000 (18:48 +0000)

committer cvs2git <feedback@pld-linux.org>

Sun, 24 Jun 2012 12:13:13 +0000 (12:13 +0000)
author Elan Ruusamäe <glen@pld-linux.org>
Fri, 6 Jan 2006 18:48:00 +0000 (18:48 +0000)
committer cvs2git <feedback@pld-linux.org>
Sun, 24 Jun 2012 12:13:13 +0000 (12:13 +0000)
diff --git a/ApacheJServ-config.patch b/ApacheJServ-config.patch

new file mode 100644 (file)

index 0000000..b99d1cc
--- /dev/null
+++ b/ApacheJServ-config.patch
@@ -0,0 +1,11 @@
+--- ./conf/jserv.properties.in~        2005-12-29 13:51:48.000000000 +0200
++++ ./conf/jserv.properties.in 2006-01-05 22:21:27.000000000 +0200
+@@ -164,7 +164,7 @@
+ # Default: false
+ # WARNING: disable this in a production environment since may give reserved
+ # information to untrusted users.
+-security.selfservlet=true
++security.selfservlet=false
+ 
+ # Set the maximum number of socket connections Apache JServ may handle 
+ # simultaneously. Make sure your operating environment has enough file
author	Elan Ruusamäe <glen@pld-linux.org>
	Fri, 6 Jan 2006 18:48:00 +0000 (18:48 +0000)
committer	cvs2git <feedback@pld-linux.org>
	Sun, 24 Jun 2012 12:13:13 +0000 (12:13 +0000)