The OS enforces BSD access permissions. If you don't trust those
to work,
you're dead, because nothing else is trustworthy: not the OS, the
JVM, your
app, your database file, etc.:
On Jul 17, 2006, at 4:52 AM, Michael Hall wrote:
all shown without a valid password of any kind being provided
either for the KeyStore (KeyChain) or for the key?
This just does not seem right but I still may not be understanding
correctly.
More correctly than 'for the key' would be for the 'alias' I think
for a KeyStore.
I did a little more checking and it appears KeyChain is not
completely unsecured. Signing in as a different user and running the
program does not show the entry because the login.keychain files are
unique to user, and access protection restricted to user.
So this is in fact Unix access protected rather than java KeyStore
password protected. As long as no one with admin privileges who can
get around the permissions gets access to your file you are safe.
Although I think a java KeyStore may still be the solution to my
original cross-platform problem, since I can't count on a login
keychain or even access permissions being present. One problem there
being a single KeyStore password might be required rather than
KeyStore + alias passwords. So somewhat weaker protection for secure
private information like mysql passwords.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Java-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/java-dev/email@hidden
This email sent to email@hidden
