Stefano, > -----Original Message----- > From: Stefano Mazzocchi [mailto:[EMAIL PROTECTED] > Sent: 28 June 2003 20:07 > To: James Developers List > Cc: community@apache.org > Subject: Re: WORA Considered Evil ;-) > > Reading your post that dismiss the UNIX sysadm fears as a > "think of the > past",
and > "get modern and stop the crap" These are unrepresentative paraphrases of what I said. I don't believe that the post actually said or implied either of these things. I did say "I'm sure that everyone is in favour of hardening James as much as possible. Its just that we should approach it from a Java perspective, not a C on Unix one. The issues are different." Why? Because the potential vulnerabilities and the optimum measures to eliminate them are not the same for the two environments. To take an approach that assumes that they are the same will result in a less hardend solution. Examining the risks as they exist in James' Java environment deployed on physical OSes such as Unix will achieve a maximally hardened solution. Achieving sysadm trust is not the same as achieving a maximally hardened solution. Perhaps James could achieve a level of trust from some Unix sysadms by making it possible to mirror the deployment environments that they trust. Fine. But as developers we shouldn't be blind to the fact this is a minor detour on the road to a maximally hardened solution. I don't view this as an appeal to ignore anyone. I don't make a habit of considering anyones views as "crap". -- Steve --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
