Hello.two thoughts:
I want to give my customer a demo of my Cocoon based application which runs with Jetty on their local machine. But the problem is everybody can see the internals of the app. All the pipelines in sitemap.xmap, all XSL and XML. It can be used to find backdoors in the sitemap for example.
So the question is, how to protect files from being read directly.
(1) security by obscurity does not work, this is well known: so if they could detect back-doors in your sitemap something is wrong anyway and you have to modify it
(2) if you just want to protect your knowledge and methodology, then this is another discussions:
why not put this application online with a password protection; then they can test it online without the need to install it.
or if it is really "big stuff", then you could think of making a linux CD that boots from CD/DVD like Knoppix with all your stuff pre-installed, but *without* an open root password as Knoppix has it.
then they enter the CD boot from it and thats it.
Alex
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
