Agreed. And it is generally possible to keep it all very simple, but
very secure.
-Matt
On Mar 23, 2004, at 12:59 PM, Barney Boisvert wrote:
> Another generalization is that the more complex security is, the harder it
> is to make sure there aren't any holes.
>
> IMHO, security should be blindingly simple. Only by doing that can you make
> sure you identify and test all the edge cases. You can stack layer upon
> layer of security, but each layer should be simple and independent.
>
> Not to say that it's always possible to keep it really simple, but the
> simpler the better in my book.
>
> Cheers,
> barneyb
>
> > -----Original Message-----
> > From: Adrocknaphobia [mailto:[EMAIL PROTECTED]
> > Sent: Tuesday, March 23, 2004 9:49 AM
> > To: CF-Talk
> > Subject: Re: Securing CF Apps.
> >
> > no one ever claimed that security is simple. a generalization
> > would be that the more complex security is, the harder it is to crack.
> >
> > -adam
> >
> > > -----Original Message-----
> > > From: Tim Blair [mailto:[EMAIL PROTECTED]
> > > Sent: Tuesday, March 23, 2004 05:19 PM
> > > To: 'CF-Talk'
> > > Subject: RE: Securing CF Apps.
> > >
> > > > > > As for using the security of your DB instead of
> > > > > > application-based security - in my opinion this is possibly
> > > > > > *less* secure - it means that anyone with a login for your
> > > > > > webapp automatically has a direct login for your database
> > > > > > server!
> > > >
> > > > Which is of course set up to only allow connections from the
> > > > web server, regardless of the credentials offered. Layer
> > > > after layer after layer :-)
> > >
> > > > And has no external network access except through the DMZ that the
> > > > CF server is sitting in, behind the firewall that... Oh, no, I'll
> > > > stop there I think. ;)
> > >
> > > Tim.
> > >
> > > --
> > > -------------------------------------------------------
> > > <CF_CodingContest mode="judging" newentries="false">
> > > Maze Solver - http://tech.badpen.com/cfcontest/
> > > -------------------------------------------------------
> > > RAWNET LTD - Internet, New Media and ebusiness Gurus.
> > > WE'VE MOVED - for our new address, please visit our
> > > website at http://www.rawnet.com/ or call us any time
> > > on 0800 294 24 24.
> > > -------------------------------------------------------
> > > This message may contain information which is legally
> > > privileged and/or confidential. If you are not the
> > > intended recipient, you are hereby notified that any
> > > unauthorised disclosure, copying, distribution or use
> > > of this information is strictly prohibited. Such
> > > notification notwithstanding, any comments, opinions,
> > > information or conclusions expressed in this message
> > > are those of the originator, not of rawnet limited,
> > > unless otherwise explicitly and independently indicated
> > > by an authorised representative of rawnet limited.
> > >
> >
> >
>