Daniel Perry wrote:
I dont think such a list exists. What sort of security vunerabilities are
you talking about? Due to the nature of OJB i cant think of any security
vunerabilities it could suffer? OJB doesnt store any data itself. Any
vunerabilities i can think of would be introduced by a database server ojb
is using, the JVM, the OS, the filesystem, or the application that is using
OJB.
Due to OJB being a library that is used by an Application, it does not expose any functionality to the outside (this is done by the App if at all), so things like DDoS do not apply to OJB. The only way that OJB interfaces with the outside world (outside of the App that is), is the JDBC connection to the database, and here OJB is as secure as the JDBC driver/database is.
IMO the only class of vulnerabilities that OJB as a library could suffer from is the buffer overflow stuff, but for one I think Java handles that differently than C/C++ does, and also any data given to OJB (e.g. for inserting into the database, for querying etc.) comes from the App, so it is the task of the App, not OJB, to ensure security.
Tom
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
