eans' accessor methods irrelevant.
> >
> >That's my 2 cents.
> >
> >Scott Stirling
> >
> >
> >- Original Message -
> >From: Donald E. Vandenbeld <[EMAIL PROTECTED]>
> >To: <[EMAIL PROTECTED]>
> >Sent: Monday,
app., you're
>hiding behind all
>kinds of firewalls and authentication mechanisms that make the
>security hole in
>your JavaBeans' accessor methods irrelevant.
>
>That's my 2 cents.
>
>Scott Stirling
>
>
>- Original Message -
>From: Donald E.
The JSP page resides on your own server. Your vulnerability to someone
being able to inspect java beans installed on your server and 'exploit'
them is not a problem if you configure your web server security to prevent someone
from "PUT"ing a JSP page in your web space who is not authorized to pub
security hole in
your JavaBeans' accessor methods irrelevant.
That's my 2 cents.
Scott Stirling
- Original Message -
From: Donald E. Vandenbeld <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, April 17, 2000 6:31 PM
Subject: Security problems with bea
I came across an article about JSP on lantimes.com. I think it's an older
article but it mentions a security problem with beans that I've not heard of
before. I was wondering if this 'flaw' is indeed present and what can be
done to guard against it. I am including a copy of the paragraph in
ques