RES: RES: RES: Context.xml file

2007-08-17 Thread Milanez, Marcus
as I can in my environment. I just can't assume anything... Thank you! -Mensagem original- De: Christopher Schultz [mailto:[EMAIL PROTECTED] Enviada em: sexta-feira, 17 de agosto de 2007 16:43 Para: Tomcat Users List Assunto: Re: RES: RES: Context.xml file -BEGIN PGP SIGNED MESSAGE

Re: RES: RES: Context.xml file

2007-08-17 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Marcus, Milanez, Marcus wrote: > I know.. This is quite difficult to address... > > Have your company adhered to SOX already? Erm... correct me if I'm wrong, but SOX is all about public disclosure of bad things happening. There are no preventative

Re: RES: RES: Context.xml file

2007-08-17 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Marcus, Milanez, Marcus wrote: > Microsoft seems to have a good solution for that. The 'keys' are > associated with na specific domain account... What do you think: > http://msdn2.microsoft.com/en-us/library/ms995355.aspx I don't see this as a soluti

Re: RES: RES: Context.xml file

2007-08-17 Thread Mark H. Wood
All the solutions I ever heard of boil down to two approaches: 1) The secrets are stored in the computer, and protected by filesystem permissions. This is what you have now. Ensure that the filemode/ACL/whatever is correct to prevent unauthorized access to the files containing the s

RES: RES: Context.xml file

2007-08-17 Thread Milanez, Marcus
Enviada em: sexta-feira, 17 de agosto de 2007 15:17 Para: Tomcat Users List Assunto: Re: RES: Context.xml file -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Marcus, Milanez, Marcus wrote: > Regarding that, I came across an implementation suggestion which seems > to be valid, but still seems

RES: RES: Context.xml file

2007-08-17 Thread Milanez, Marcus
I know.. This is quite difficult to address... Have your company adhered to SOX already? -Mensagem original- De: Christopher Schultz [mailto:[EMAIL PROTECTED] Enviada em: sexta-feira, 17 de agosto de 2007 15:17 Para: Tomcat Users List Assunto: Re: RES: Context.xml file -BEGIN PGP

Re: RES: Context.xml file

2007-08-17 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Marcus, Milanez, Marcus wrote: > Regarding that, I came across an implementation suggestion which seems > to be valid, but still seems to have security issues. What do you think? > Take a look at http://wldj.sys-con.com/read/393364.htm Wow, what a mi

RES: Context.xml file

2007-08-17 Thread Milanez, Marcus
Regarding that, I came across an implementation suggestion which seems to be valid, but still seems to have security issues. What do you think? Take a look at http://wldj.sys-con.com/read/393364.htm -Mensagem original- De: Milanez, Marcus [mailto:[EMAIL PROTECTED] Enviada em: sexta-feir