ant-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Bodewig <>
Subject Re: Security Questions - Ant
Date Tue, 27 Nov 2018 12:04:11 GMT
Hi Jack

On 2018-11-27, Jack O'Connor wrote:

> 1) Is the software compliant with U.S. Federal Information Processing
> Standard (FIPS) 140-2?

It is not certified in any way. Not sure what "is compliant" means but
the I guess the answer is somewhere between "we don't know" and "no".

> 2) Is any third party software bundled with the software?

The binary distribution doesn't bundle any additional software, the
source distribution contains JUnit and Hamcrest jars in lib/optional.

> 3) Can the software export security related audit trails to external
> collection systems, such as syslog or ArcSight?

Not by itself. It would be possible to write a Logger/Listener that did
but the Ant team doesn't provide one.

> 5) Are user accounts required or optional?

Apache Ant is a command line tool designed to be run by software
developers during their development work. It is not a server process.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message