lucene-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chris Hostetter <hossman_luc...@fucit.org>
Subject Re: Lucene authentication
Date Tue, 16 Dec 2008 19:41:22 GMT

: > fashion. For example, from malicious users or hackers, or for that matter
: > "internal" users trying to reengineer the system and use it for purposes
: > other than the way licensed.

if you're taking about people whow already have access to the physical 
disk the index resides on but you don't want them to use the index in any 
way except what you application allows you are largely out of luck -- the 
Lucene index format is well documented and many tools (like Luke) can open 
an arbitrary Lucene index.

The only suggestion i can think of would be to use a RAMDirectory in your 
application where the only persistent data you store is encrypted using 
keys that are hardcoded into your application.



-Hoss


Mime
View raw message