Two: there is no encryption over data transferred (in real, it's a database dependant protocol issue. As workaround, you could write converters that does the job).
Three: it has no clue about password bad user choices (for paranoids, huh? :-D ).
Richter
Daniel Perry escreveu:
I dont think such a list exists. What sort of security vunerabilities are you talking about? Due to the nature of OJB i cant think of any security vunerabilities it could suffer? OJB doesnt store any data itself. Any vunerabilities i can think of would be introduced by a database server ojb is using, the JVM, the OS, the filesystem, or the application that is using OJB.
I think the only obvious security vunerability is that (normally) you have the database server username and password in the plaintext repository file. This is a problem with all If you set the file permissions properly, no one can access this.
Daniel.
-----Original Message----- From: Pulat Yunusov [mailto:[EMAIL PROTECTED] Sent: 21 December 2004 22:29 To: OJB Users List Subject: Vulnerabilities
Is there a list of OJB security vulnerabilities: current and closed? Is this information regularly collected or posted and where, in this list?
Thank you,
Pulat
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
-- Edson Carlos Ericksson Richter MGR Inform�tica Ltda. Fones: 3347-0446 / 9259-2993
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
