Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Java Enterprise Safe ??

From: "Gleb Paharenko" <gpaharenko () gmail com>
Date: Thu, 9 Oct 2008 23:31:51 +0400
Hi!

IMHO, java projects have better security. Variable binding and no
dynamic sql significantly improves sqli strength.

2008/10/7 Mattias Hemmmingsson <mattias () fareoffice com>:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

God morning

We are now working with java enterprise at the glassfish server.
And a come of thinking how secure is java really ?


If you look att OWASP home page you can find the ten most common
security risk against java,

So with XSS how mutch damiage can you do to the system ore can you
only change the clients view ?

Sql injection is it poosible to do with java enterprise ?

And the big one JAS ( java auth system or somthing like that) How safe
is it realy ?


// matte

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFI6wZUNJQJ1TN4TrgRAi90AJwJJxGG1fdpNrJWMGShU+kEpf2GmACfaeSs
T0OutNQWyeyb6bu4kbiVOn8=
=ZJBA
-----END PGP SIGNATURE-----







-- 
Best regards.
Gleb Pakharenko.
http://gpaharenko.livejournal.com
http://www.linkedin.com/in/gpaharenko
Previous By Date Next
Previous By Thread Next

Current thread: