On Tue, 3 Jul 2001 01:48, Leo Sutic wrote: > So - would it be possible to restrict the hardening to Phoenix, leaving the > framework open and unsecure? I think this will save the framework from > being commited to a very small target, and allow Phoenix to be as secure as > possible.
I would go for securing excalibur (components) and cornerstone (server components) but leave rest as is. Phoenix will eventually (as soon as I get the time) be "hardened" or will offer a "hardened" mode if performance penalty becomes too much. The few components in framework (ie Default*) are secure enough while still being extensible. They are not totally secure (they contain protected methods and live in unsealed jar) but are OK ;) Cheers, Pete *-----------------------------------------------------* | "Faced with the choice between changing one's mind, | | and proving that there is no need to do so - almost | | everyone gets busy on the proof." | | - John Kenneth Galbraith | *-----------------------------------------------------* --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
