One more thing, the embedded security requirement is to keep people from walking up to the machine and just running the application.
Maybe we should define "UserIds" and "Passwords" as a standard. I think everyone will need these. ciao, Mark Gianugo Rabellino wrote: > Mark J. Stang wrote: > > How do you see this working in the embedded mode? > > > > I don't see it as an issue. But first I have to confess that I still > have to be convinced that including the embedded driver in the Xindice > core is a Good Thing. I don't use it, and don't plan to, so I'm almost > totally ignorant on that particular implementation. But: > > 1. I don't see any reason for this architecture not to work in embedded > mode too. True, there are major security issues, i.e. you can always get > access to the internal API, which leads us to: > > 2. security in an embedded environment doesn't make much sense. When you > are on the same VM, you are on the same machine, running your "client" > processes with the same privileges as the "server" process, and can do > almost everything. Probably you would have to play with Java security > policies to have some acceptable security level, but again I don't see > this as a strict requirement. > > Ciao, > > -- > Gianugo Rabellino -- Mark J Stang System Architect Cybershop Systems
begin:vcard n:Stang;Mark x-mozilla-html:TRUE adr:;;;;;; version:2.1 email;internet:[EMAIL PROTECTED] fn:Mark Stang end:vcard
