[prev in list] [next in list] [prev in thread] [next in thread]
List: firewalls-gc
Subject: RE: Java applets access to internal DBs
From: Gene Lee <genel () inforamp ! net>
Date: 1996-09-27 14:58:59
[Download RAW message or body]
On Friday, September 27, 1996 1:10 PM, Jenjen Song[SMTP:jsong@amer.net]
wrote:
>By using Java applets, can a database query be handled on a client machine
>directly with a database, i.e., without passing through the Web server?
>if YES, then can Java applets replace the function of CGI?
>what kind of security should use for the database access to authenticate
>which Java applet can go in and which should not?
I'm not positive, but I believe the above (making Java connections to a
machine other than the Web Server delivering the Java applet) was actually
a security vulnerability which was the basis of the Netscape 2.01 --> 2.02
patch, although that specific vulenerability dealt with DNS-based attacks
on host-names. AFAIK, you cannot make a Java connection with any other
machine other than the one which served you the applet. Again, I may be
mistaken, others will surely confirm/clarify...
--
Gene Lee
genel@inforamp.net
genelee@vnet.ibm.com
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic