Rick Hillegas wrote:
I have taken a stab at describing various security expectations which
customers might have and also how we could balance these expectations
against the desire to run the network server "secure by default". The
following wiki page addresses these issues:
http://wiki.apache.org/db-derby/SecurityExpectations
With the Basic policy some thought needs to be put into other
resources/tasks:
backup of a database
restore of a database (?)
import/export of data
installing/replacing jar files
The described policy would mean all of those file resources need to be
placed in the system home.
Dan.
