On Mon, 22 Jan 2001, Oleg Nitz wrote:
> >> Bordet, Simone wrote:
> >> I have no objections to Juha's idea.
> >> Just one question: if the keystore is protected, then somebody must
> >> enter password on each startup of JBoss. Am I right?
>
> > Errr, mmmhhh, weeellll...
> > Ehi, but *you* are the security guy !!
>
> > ;-))
>
> Okay, then I answer: yes, I am right :-)
> For those who wouldn't like to enter password on each startup I can
> propose the following security model:
> 1) restrict the access to conf dir to the server administrator only.
> 2) put your server machine to the room with combination lock on
> the door, and use administrator's password as the combination.
> ;-)
>
> Peace, love and security,
Pick any 2 8^})
> Oleg
>
>
>
--
Dan Christopherson (danch)
nVisia Technical Architect (www.nvisia.com)
Opinions expressed are mine and do not neccessarily reflect any
position or opinion of nVISIA.
---------------------------------------------------------------------------
If you're a capitalist and you have the best goods and they're
free, you don't have to proselytize, you just have to wait.
-Eben Moglen
