Michael Hall wrote:
>It can pop up at awkward times demanding a response. It can take key
>events away from the prior component that had focus interfering with
>user typing. That is probably just a bug but it could use some sort
>of attention. My preference would be not to require the dialog.
Authentication is not the same as identification:
<http://developer.apple.com/documentation/Security/Conceptual/Security_Overview/
Concepts/chapter_3_section_8.html>
Without identification, all that's left is its pesky substitute:
repetitive reauthentication.
> Establish
>who the current user and then use that information to access the user
>private information. Even then, how you still avoid malicious
>bypassing of the login module authentication and spoofing the user to
>get at the data.
You design it to be impossible to bypass or spoof, for whatever practical
amount of "impossible" you need. If something isn't trustworthy, it
shouldn't be used to determine something else's trustworthiness.
The OS enforces BSD access permissions. If you don't trust those to work,
you're dead, because nothing else is trustworthy: not the OS, the JVM, your
app, your database file, etc.:
<http://developer.apple.com/documentation/Security/Conceptual/Security_Overview/
Concepts/chapter_3_section_9.html>
>The Apple Keychain might be a good repository but I don't think any
>real authentication is required to get at either certificates or keys
>in it.
There is if the user sets it up that way. The user can choose the
access-granting policies, and can restrict or expand at any time. See
Keychain Access.app and its builtin help.
>Maybe that is because some automatic authentication outside
>java has been done establishing that you are a correct user to access
>the information, I haven't tested that. But it doesn't seem to have
>required a valid password or produce a dialog or whatever to get at
>KeyChain? Or did I test that incorrectly?
Can't tell. With such a vague description, we don't know what you tested,
nor how.
Maybe you have login keychain access enabled:
<http://developer.apple.com/documentation/Security/Conceptual/keychainServConcep
ts/02concepts/chapter_2_section_1.html>
"The login keychain is automatically unlocked during login if it has the
same password as the user's login account password."
Maybe your app is listed as a trusted app for the things it retrieves from
the keychain, simply because it put them there. In that case your app
won't be re-authenticated unless Keychain Services detects that your app
changed:
<http://developer.apple.com/documentation/Security/Conceptual/keychainServConcep
ts/02concepts/chapter_2_section_4.html>
-- GG
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Java-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/java-dev/email@hidden
This email sent to email@hidden
