YES, We at Citibank use Struts extensively.... and i know that our auditors did the review and gave the good feed back. We all love this framwork.
But, Currently i'am running in to small production problem because of the JDK change in Weblogic SP4 and i have no one to help me out resolving it, rather i'am getting some workaround ways from the groups which i cannot do 'cos i have almost 80 modules to change and almost 1000 properties to be changed. Can struts guru's look at the problem i posted 2 days back with the Subject " Struts 1.0 problem". Thanks Naveen -----Original Message----- From: cekvenich.vic [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 10, 2003 2:45 PM To: struts-user; cekvenich.vic Subject: Re: YASJR (Yet Another Struts Justification Request) This is almost a Linux vs Windows: which is more secure/ the one that has millions of user eyes on the code! In commercial code, a bomb is very easy and possible. In OS, unlikely. I would also bet that given any industry (banks for ex), Struts is the most popular in production use. I know a few large banks using Struts!!!! I am sure that they did due process. But if PHB does not want to use it, they don't want to use it. Maybe sit in a legal review to negotiate a proprietary framework license suits them, with no?? access to source. .V - may the source be with you Gregory F. March wrote: > I seem to have successfully pushed Struts in my company (a big Wall > St. bank). However, today, I was asked the following question: > > How can I guarantee that there are no hacks, bombs, etc. in the > Struts code or any OS code for that matter? > > My immediate response was, how can you guarantee it for any code? > However, being a large bank with literally trillions of dollars a day > passing though our systems, I can definitely understand their concern. > > At a minimum, we will obtain the source code and at least do a minimal > code walk-through and then compile our own binaries. > > What other guarantees can I make to my management? What is the process > the Struts team uses to control a rogue contributor? > > Thanks, > > /greg > > -- > Gregory F. March -=- http://www.gfm.net:81/~march -=- AIM:GfmNet --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
