Re: encrypted source file support in jdk?
- From: tom forsmo <spam@xxxxxxxxxx>
- Date: Fri, 28 Sep 2007 08:25:31 +0200
Daniel Dyer wrote:
On Thu, 27 Sep 2007 13:17:55 +0100, Tom Forsmo <tom@xxxxxxxxxx> wrote:- if class files are also encrypted
This is a common suggestion for protecting class files but it won't work (see http://www.javaworld.com/javaworld/javaqa/2003-05/01-qa-0509-jcrypt.html).
Not quite, the scenario described in that article is for when you sell a binary and want to protect the binary. Of course, that would not work because the users must have the password to decrypt the files in the classloader and of course anybody can listen in if they have the password.
My scenario is for protecting source/class files where only a limited number of people have access to it, such as for internal use during development of a new product etc. or if you dont sell the code, but sell a web service that only you provide. In such situations class files can be protected on the server with this scheme.
But you will allways have the problem of protecting the machine from directed hacking, so they can not tamper with your rt environment or similar. but that is allways a concern. If they have root access its difficult to protect from anythin, unless you start using ACLs and role-based security (used in military systems).
regards
tom
.
- References:
- encrypted source file support in jdk?
- From: Tom Forsmo
- Re: encrypted source file support in jdk?
- From: Daniel Dyer
- encrypted source file support in jdk?
- Prev by Date: Re: UnknownHostException
- Next by Date: Re: encrypted source file support in jdk?
- Previous by thread: Re: encrypted source file support in jdk?
- Next by thread: Re: encrypted source file support in jdk?
- Index(es):
Relevant Pages
|
