Re: [dtp-dev] a critical security bug

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [dtp-dev] a critical security bug

From: Anil Samuel <anil.samuel@xxxxxxxxxx>
Date: Tue, 7 Nov 2006 09:11:28 +1100
Delivered-to: dtp-dev@xxxxxxxxxxx
List-archive: <http://eclipse.org/pipermail/dtp-dev>
List-help: <mailto:dtp-dev-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/dtp-dev>, <mailto:dtp-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/listinfo/dtp-dev>, <mailto:dtp-dev-request@eclipse.org?subject=unsubscribe>

Also I guess this scenario is applicable to any use case wherepasswords are handled

so will be good to have a Eclipse platform wide policy / mechanism.

in simple words handball to platform guys !!

Anthos
On 07/11/2006, at 8:38 AM, Anil Samuel wrote:

Rob,
vendor's DB). The information in the profile is what is used whenopening
connections and is encrypted when saved to the file system.
At Oracle, with Secure-by-default principle, we would have securityissue with this when it is goes for assessment.Why dont we use the above-said mechanism to encrypt even thispassword ? That way it wud be consistent too.
Regards
Anthos

_______________________________________________
dtp-dev mailing list
dtp-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/dtp-dev

References:
- Re: [dtp-dev] a critical security bug
  - From: rcernich
- Re: [dtp-dev] a critical security bug
  - From: Anil Samuel

Prev by Date: Re: [dtp-dev] a critical security bug
Next by Date: [dtp-dev] Connectivity Framework Usability Wiki
Previous by thread: Re: [dtp-dev] a critical security bug
Next by thread: [dtp-dev] Minutes from 10/30 PMC & Project Lead Meeting Published
Index(es):
- Date
- Thread

Breadcrumbs