On Tue, 3 Jul 2001 01:48, Leo Sutic wrote:
> So - would it be possible to restrict the hardening to Phoenix, leaving the
> framework open and unsecure? I think this will save the framework from
> being commited to a very small target, and allow Phoenix to be as secure as
> possible.
I would go for securing excalibur (components) and cornerstone (server
components) but leave rest as is. Phoenix will eventually (as soon as I get
the time) be "hardened" or will offer a "hardened" mode if performance
penalty becomes too much. The few components in framework (ie Default*) are
secure enough while still being extensible. They are not totally secure (they
contain protected methods and live in unsealed jar) but are OK ;)
Cheers,
Pete
*-----------------------------------------------------*
| "Faced with the choice between changing one's mind, |
| and proving that there is no need to do so - almost |
| everyone gets busy on the proof." |
| - John Kenneth Galbraith |
*-----------------------------------------------------*
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
