Good Afternoon Rob-
if you're implementing either glassfish or weblogic webserver your "best fit solution" would be Oracle Identity Manager there are 'other' identity solutions such as RSA which are 1)far more complex .. 2)virtually hackproof.. at random intervals RSA implements an alternate encryption algorithm with an alternate keysize RSA issues smart cards which contain sufficient biometric information to authenticate you (and pass the authentication token to the OS) does this help? Martin Gainty ______________________________________________ Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen. Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le destinataire prévu, nous te demandons avec bonté que pour satisfaire informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est interdite. Ce message sert à l'information seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant donné que les email peuvent facilement être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité pour le contenu fourni. > From: wult...@gmail.com > Date: Mon, 24 May 2010 13:27:52 -0700 > Subject: Re: Security issues > To: je...@gii.co.jp > CC: mgai...@hotmail.com; mysql@lists.mysql.com > > On Mon, May 24, 2010 at 12:07 PM, Jerry Schwartz <je...@gii.co.jp> wrote: > >>-----Original Message----- > >>From: Rob Wultsch [mailto:wult...@gmail.com] > >>Sent: Saturday, May 22, 2010 11:52 AM > >>To: Martin Gainty > >>Cc: mysql@lists.mysql.com > >>Subject: Re: Security issues > >> > >>On Sat, May 22, 2010 at 5:44 AM, Martin Gainty <mgai...@hotmail.com> wrote: > >>> Good Morning Rob- > >>> > >>> one vulnerability (with UDFs) > >>> http://dev.mysql.com/tech-resources/articles/security_alert.html > >>> > >>> a manager considering a enterprise-wide security solution may want > >>> to consider Oracle Identity Manager (with Glassfish 3.2) > >>> http://under-linux.org/en/content/oracle-introduces-schedule-for-glassfish- > >>556/ > >>> > >>> Does this help? > >>> Martin Gainty > >> > >>Martin, > >> > >>Thank you for the reply. > >> > >>The guys across the street have a single page with cliff notes about > >>every vulnerability effecting every supported version*. The page I > >>noted was comprehensive. Martin, what you listed was a page with an > >>single vuln and a page which looks like a product. > >> > > [JS] This is always a tough call for a software developer. On the one hand, > > announcing an unfixed problem alerts users; but at the same time, it also > > alerts abusers. Some companies go one way, some go the other. > > > > Regards, > > > > Jerry Schwartz > > Global Information Incorporated > > 195 Farmington Ave. > > Farmington, CT 06032 > > > > 860.674.8796 / FAX: 860.674.8341 > > > I explicitly do not want a list of unfixed problems. I want a list of > fixed issues and what versions are effected. > > -- > MySQL General Mailing List > For list archives: http://lists.mysql.com/mysql > To unsubscribe: http://lists.mysql.com/mysql?unsub=mgai...@hotmail.com > _________________________________________________________________ The New Busy think 9 to 5 is a cute idea. Combine multiple calendars with Hotmail. http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5
