Also I'd like to hear those concerns. > -----Original Message----- > From: Helck, Christopher [mailto:[EMAIL PROTECTED] > Sent: Wednesday, September 29, 2004 8:39 PM > To: Maven Users List > Subject: Security question about remote repositories. > > > Maven makes it very easy to download and use jars off the > web. I think this is good, but a security expert has raised > some concerns about it. > Can anyone suggest a set of policies to use when determining > which packages to use and how/when to download them? I'm > thinking along the lines of creating a local repository > behind our firewall and only moving "approved" packages from > www.ibiblio.org/maven to it. Any suggests would be helpful. > > Thanks, > C. Helck > > > The information contained in this e-mail is confidential. > This e-mail is intended only for the stated addressee. If > you are not an addressee, you must not disclose, copy, > circulate or in any other way use or rely on the information > contained in this e-mail. if you have received this e-mail in > error, please inform us immediately and delete it and all > copies from your system. > > EBS Dealing Resources International Limited. Registered > address: 55-56 Lincoln's Inn Fields, London WC2A 3LJ, United > Kingdom. Registered number 2633663. > > EBS Dealing Resources, Inc, registered in Delaware. Address: > 535 Madison Avenue, 24th Floor, New York, NY 10022, USA, and > One upper Pond road, Building F - Floor 3, Parsippany, NJ 07054, USA. > > EBS Dealing Resources Japan Limited, a Japanese Corporation. > Address: Asteer Kayabacho Bldg, 6th Floor, 1-6-1, Shinkawa, > Chuo-Ku, Tokyo 104-0033, Japan. > >
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
