> -----Original Message-----
> From: Jon Stevens [mailto:[EMAIL PROTECTED]]
> Sent: Friday, August 10, 2001 06:01
> To: Turbine-user
> Subject: Re: Turbine servlet extension mapping?
>
>
> on 8/9/01 8:55 PM, "Rodney Schneider" <[EMAIL PROTECTED]> wrote:
>
> > I am hoping what you meant is "security implemented solely through
> > obscurity is no security".
> >
> > Obscurity can aid security:
> >
> > http://securityportal.com/beale/beale20010720.html
>
> Oh geeezz...lame article.
>
> He sounds like he is trying to justify it...there is no
> justification for
> attempting to use obscurity to aid in security in any shape or form.
>
> Security is not defined in shades of grey. It is very black
> or white IMHO.
Are you seriously trying to argue that something is either secure or it isn't? Maybe I
misunderstood. Security is all shades of grey
because no system is 100% secure due to the deterministic nature of all current
security measures. Obscurity does seem at best a way
of buying time, kind of similar to leaving the light on when your out - it won't stop
a serious attempt at breaking in.
The question must surely be: does obscurity significantly decrease the risk of attack?
Some statistics would be good so if anybody has any....
******************
Anyway, I have also posted on the actual topic (the one regarding verbose urls). I
have searched the archive for the best way
combine mod_rewrite and the server.xml but found nothing in the archive. (I was using
www.mailarchive.com)
Is it possible that somebody who has done either of these two things could briefly
explain what they did.
Any assistance would be much appreciated.
Gareth
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
