Re: WO JavaClient apps security
Re: WO JavaClient apps security
- Subject: Re: WO JavaClient apps security
- From: email@hidden
- Date: Thu, 10 Mar 2005 10:53:06 +0100
hello Andrus,
----- Original Message -----
From: "Andrus Adamchik" <email@hidden>
To: "WebObjectsDev (Apple)" <email@hidden>
Sent: Thursday, March 10, 2005 5:17 AM
Subject: WO JavaClient apps security
> Hi folks,
>
> I was wondering if there are any daring souls on this list who created
> WO JavaClient apps for public use beyond the corporate intranet?
No, its not a good idea, even Apple doesnt suggest that.
>
> I am not very optimistic on the whole idea, but still wanted to check.
> I am aware of various security techniques that can be applied (SSL,
> partitioning business logic, and so on),
you are right, and its not safe.
>but nothing seems to fully
> address one fundamental limitation - unauthorized elevating of database
> privileges by a "trusted" user. A client app can be decompiled,
> sticking an arbitrary fetch spec and suddenly a user becomes a
> superuser...
>
> How many people use Java Client anyways ... ?
not much. i asked around for couple of days weather JavaClient is good.
the result in general not only for online use :
1. dont used it cos its too much buggey.
2. use it ONLY if you have no other choise.
3. u must have XCode.
tell me weather you learnt something more, i am interested in the scope too.
peaSe,
Sako.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden