db-derby-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Amanti <mama...@sbcglobal.net>
Subject Re: AW: AW: Use Apache Derby Network Server with encrypted database
Date Thu, 25 Aug 2016 13:45:12 GMT
On 8/25/2016 7:58 AM, Hohl, Gerrit wrote:
> Yes, but an attacker can't access the database if that person is not on the machine itself.
Is SELinux enabled ?
> And in this case I also don't have to encrypt it, right? ;-)
>
> Regards,
> Gerrit
> -----Urspr√ľngliche Nachricht-----
> Von: John English [mailto:john.foreign@gmail.com]
> Gesendet: Donnerstag, 25. August 2016 10:14
> An: Derby Discussion
> Betreff: Re: AW: Use Apache Derby Network Server with encrypted database
>
> On 25/08/2016 10:58, Hohl, Gerrit wrote:
>> But if that person sniffs the IP traffic on 127.0.0.1, he/she may be
>> able to read the boot password as well as user and password.
> And of course IP traffic to 127.0.0.1 should *never* go outside the local machine, according
to the spec. So any sniffer would have to be logged in on the local machine itself, in which
case you're probably in trouble anyway.
> --
> John English


Mime
View raw message