Re: [dtp-dev] a critical security bug

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [dtp-dev] a critical security bug

From: Anil Samuel <anil.samuel@xxxxxxxxxx>
Date: Tue, 7 Nov 2006 08:38:19 +1100
Delivered-to: dtp-dev@xxxxxxxxxxx
List-archive: <http://eclipse.org/pipermail/dtp-dev>
List-help: <mailto:dtp-dev-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/dtp-dev>, <mailto:dtp-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/listinfo/dtp-dev>, <mailto:dtp-dev-request@eclipse.org?subject=unsubscribe>

Rob,

vendor's DB). The information in the profile is what is used whenopening
connections and is encrypted when saved to the file system.

At Oracle, with Secure-by-default principle, we would have securityissue with this when it is goes for assessment.Why dont we use the above-said mechanism to encrypt even thispassword ? That way it wud be consistent too.


Regards
Anthos

Follow-Ups:
- Re: [dtp-dev] a critical security bug
  - From: Anil Samuel

References:
- Re: [dtp-dev] a critical security bug
  - From: rcernich

Prev by Date: Re: [dtp-dev] DTP support for SQLite DB
Next by Date: Re: [dtp-dev] a critical security bug
Previous by thread: Re: [dtp-dev] a critical security bug
Next by thread: Re: [dtp-dev] a critical security bug
Index(es):
- Date
- Thread

Breadcrumbs