cocoon-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Olivier Billard <obill...@rennes.jouve.fr>
Subject Re: AW: How to protect a Cocoon project
Date Wed, 22 Oct 2003 09:37:35 GMT
Sorry I didn't read good your mail :) My eyes are not well opened this morning ;)
But Alexander is right : that's your job to ensure there is no backdoor...




On 22/10/2003 10:10, Jörn Heid wrote:
> It's about a demo (with an installer). 
> I can't say: Before you install, please create a new user and forget the
> password of him :)
> 
> -----Ursprüngliche Nachricht-----
> Von: news [mailto:news@sea.gmane.org] Im Auftrag von Olivier Billard
> Gesendet: Mittwoch, 22. Oktober 2003 09:54
> An: users@cocoon.apache.org
> Betreff: Re: How to protect a Cocoon project
> 
> 
> Hi Joern,
> 
> Isn't it the goal of filesystems, to protect file from beeing read by non
> authorized 
> persons ? It's possible with WinNT, 2000, XP, and of course Unix-like OSes.
> Just give the right rights to the right persons ;)
> 
> --
> Olivier BILLARD
> 
> 
> On 22/10/2003 09:47, Jörn Heid wrote:
> 
>>Hello.
>>
>>I want to give my customer a demo of my Cocoon based application which 
>>runs with Jetty on their local machine. But the problem is everybody 
>>can see the internals of the app. All the pipelines in sitemap.xmap, 
>>all XSL and XML. It can be used to find backdoors in the sitemap for 
>>example.
>>
>>So the question is, how to protect files from being read directly.
>>
>>A solution would probably be to encrypt (for example via XOR) all the 
>>files. After that, Cocoon (Jetty) has to be started with modified 
>>Java-IO classes (via bootclasspath).
>>
>>Does anybody know which classes have to be changed or if there's 
>>somebody who has done something like that...
>>
>>
>>JOERN_HEID



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org


Mime
View raw message