Re: Application Security...
Re: Application Security...
- Subject: Re: Application Security...
- From: "Sven A. Schmidt" <email@hidden>
- Date: Wed, 19 Feb 2003 20:47:38 +0100
On Mittwoch, Februar 19, 2003, at 07:49 Uhr, Joshua S Emmons wrote:
I think that the point is, you can only trust any given security model
so far. If you're talking server security, you may have kerberized
passwords, ssh-only logins, etc. But if anyone can walk into your
server room and flip off the power switch/steal the hard
drive/whatever, well, kerberos isn't going to stop that.
Absolutely. My point was that I'd feel better if the server room's door
was actually locked.
Again, I think it's easy to sniff on text fields and I'd be relieved to
know that there's a provision by the OS not to allow that on password
text fields. After all, what Input Managers provide -- Spell checking,
completion -- you typically don't need in password text fields anyway.
Or rather, following your argument: If your password is in the spell
checker's dictionary you probably don't have to worry about text field
sniffing.
Sven
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.