Bernt M. Johnsen wrote:
John Embretsen wrote (2007-06-05 10:42:22):
Daniel John Debrunner wrote:
Rick Hillegas wrote on derby-user:

http://mail-archives.apache.org/mod_mbox/db-derby-user/200706.mbox/[EMAIL PROTECTED]

The upcoming release of Derby 10.3 will make networked configurations safer by installing a Java security manager if the user forgets to install one. [snip]. As a result, it will be harder for hackers to corrupt multi-user applications and shared machines.
One item that's missing from the post to the user list and any discussion around this issue is how much more secure is 10.3 than 10.2? It's worth stepping back and looking at the overall picture. I'd hate for 10.3 to be overselling its security.
Measuring security is very hard, so I understand why Rick did not include any such claims in the post to derby-user, but I agree that it seems that this has not been thought through as much as some of us would have liked.

Personally, I think that we should not label 10.3 as "more secure"
than 10.2. The different Derby security features will be completely
irrelevant in some contexts while they will be crucial for the
security in other contexts.

We should rather claim that 10.3 has "more security features" than
10.2 and that more of them are enabled by default.

+1 to this kind of wording!
Doesn't really matter if we have "all" security features if they are wrongly configured, or not used at all, at the deployment site. The user/deployer is still, and will always be I guess, a crucial part of the security picture.


--
Kristian


[...snip...]

I certainly think that any documentation or discussion should not imply in any way that 10.3 out of the box is a secure system.
+1.

+1 Definitely.

