I don't know if this has been discussed here, but how can we secure AOP applications running standalone on a client? With this feature (byte code manipulation) how can I stop malicious coders from injecting code into my app? Lets say I have already distributed an unsigned application. A hacker may change my classloader and runs this thing. Is this possible? Right now most of our applications run on webstart so I'm not sure yet if this as an issue. On another note, is there a way we can allow only signed injectors to execute or is there another way of securing it. I have not yet read the whole documentation but I dont think I have seen this topic when I skimmed it. If there is can you point me to it or any related topics will be quite useful. Thanks.
Regards, Elmo View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3952193#3952193 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3952193 _______________________________________________ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user
