Search Results

Search found 55091 results on 2204 pages for 'obiee system security'.

Page 45/2204 | < Previous Page | 41 42 43 44 45 46 47 48 49 50 51 52  | Next Page >

  • yum security update - message indicating kernel version not up to date

    - by JMC
    Running yum --security check-update returns this message: Security: kernel-3.x.x-x.63 is an installed security update Security: kernel-3.x.x-x.29 is the currently running version I already ran the yum security update on the kernel, but it looks like it didn't change the version running on the system. What needs to be done to make it run the new kernel? Are there any concerns about why it didn't change during the installation process? The yum log just shows installed for the new kernel no error messages.

    Read the article

  • What security changes are necessary when connecting DSL modem directly to PC instead of router?

    - by Mike B
    Windows XP I have a user with a single PC that was connected to the internet via a standard home router. The router is now having hardware-related issues and to save money, they're considering connecting the PC directly to the DSL modem since they don't need to share the internet connection or need wireless functionality. If they decide to do that, I'm concerned that this will introduce additional security concerns. Is the Windows Firewall sufficient and Microsoft Security Essentials sufficient for protecting a computer directly connected to a DSL Modem? Or is other security software needed here? Ideally, I'd like to avoid having third-party firewall software constantly bringing up alerts and asking them to approve everything. Also, just to clarify, their use cases are just internet browsing and email.

    Read the article

  • How to sanely configure security policy in Tomcat 6

    - by Chas Emerick
    I'm using Tomcat 6.0.24, as packaged for Ubuntu Karmic. The default security policy of Ubuntu's Tomcat package is pretty stringent, but appears straightforward. In /var/lib/tomcat6/conf/policy.d, there are a variety of files that establish default policy. Worth noting at the start: I've not changed the stock tomcat install at all -- no new jars into its common lib directory(ies), no server.xml changes, etc. Putting the .war file in the webapps directory is the only deployment action. the web application I'm deploying fails with thousands of access denials under this default policy (as reported to the log thanks to the -Djava.security.debug="access,stack,failure" system property). turning off the security manager entirely results in no errors whatsoever, and proper app functionality What I'd like to do is add an application-specific security policy file to the policy.d directory, which seems to be the recommended practice. I added this to policy.d/100myapp.policy (as a starting point -- I would like to eventually trim back the granted permissions to only what the app actually needs): grant codeBase "file:${catalina.base}/webapps/ROOT.war" { permission java.security.AllPermission; }; grant codeBase "file:${catalina.base}/webapps/ROOT/-" { permission java.security.AllPermission; }; grant codeBase "file:${catalina.base}/webapps/ROOT/WEB-INF/-" { permission java.security.AllPermission; }; grant codeBase "file:${catalina.base}/webapps/ROOT/WEB-INF/lib/-" { permission java.security.AllPermission; }; grant codeBase "file:${catalina.base}/webapps/ROOT/WEB-INF/classes/-" { permission java.security.AllPermission; }; Note the thrashing around attempting to find the right codeBase declaration. I think that's likely my fundamental problem. Anyway, the above (really only the first two grants appear to have any effect) almost works: the thousands of access denials are gone, and I'm left with just one. Relevant stack trace: java.security.AccessControlException: access denied (java.io.FilePermission /var/lib/tomcat6/webapps/ROOT/WEB-INF/classes/com/foo/some-file-here.txt read) java.security.AccessControlContext.checkPermission(AccessControlContext.java:323) java.security.AccessController.checkPermission(AccessController.java:546) java.lang.SecurityManager.checkPermission(SecurityManager.java:532) java.lang.SecurityManager.checkRead(SecurityManager.java:871) java.io.File.exists(File.java:731) org.apache.naming.resources.FileDirContext.file(FileDirContext.java:785) org.apache.naming.resources.FileDirContext.lookup(FileDirContext.java:206) org.apache.naming.resources.ProxyDirContext.lookup(ProxyDirContext.java:299) org.apache.catalina.loader.WebappClassLoader.findResourceInternal(WebappClassLoader.java:1937) org.apache.catalina.loader.WebappClassLoader.findResource(WebappClassLoader.java:973) org.apache.catalina.loader.WebappClassLoader.getResource(WebappClassLoader.java:1108) java.lang.ClassLoader.getResource(ClassLoader.java:973) I'm pretty convinced that the actual file that's triggering the denial is irrelevant -- it's just some properties file that we check for optional configuration parameters. What's interesting is that: it doesn't exist in this context the fact that the file doesn't exist ends up throwing a security exception, rather than java.io.File.exists() simply returning false (although I suppose that's just a matter of the semantics of the read permission). Another workaround (besides just disabling the security manager in tomcat) is to add an open-ended permission to my policy file: grant { permission java.security.AllPermission; }; I presume this is functionally equivalent to turning off the security manager. I suppose I must be getting the codeBase declaration in my grants subtly wrong, but I'm not seeing it at the moment.

    Read the article

  • Windows Security Videos auf Channel 9

    - by Your DisplayName here!
    Ich habe vor ein paar Wochen mit Lori drei Videos zum Thema Windows Security für Entwickler aufgenommen – die sind nun Online. Der erste Teil beschäftigt sich mit den absoluten Grundlagen der Windows Sicherheit. Was ist ein Konto? Was ist eine SID? Was ist ein Windows Token? Weiterhin wird gezeigt, wie sich diese grundlegenden Windows Einrichtungen über Managed Code anprogrammieren lassen. Der Vortrag endet mit einem kleinen Einblick in die Vorgehensweise von UAC, und wie dieses programmatisch verwendet werden kann. http://channel9.msdn.com/Blogs/Lori/Windows-Security-fr-Developers-Teil-1 Teil zwei beschäfitgt sich mit Zugriffs-Kontrolllisten, und wie diese mit .NET Code gelesen und geschrieben werden können. Weiterhin werden die beiden verwandten Konzepte Logon Session und Impersonierung besprochen. Beide Einrichtungen erzeugen einen neuen Token, sind aber grundlegend verschieden in ihren Einsatzgebieten. http://channel9.msdn.com/Blogs/Lori/Windows-Security-fr-Developers-Teil-2 Teil drei stellt das Kerberos Netzwerk-Authentifizierungsprotokoll vor. Da dieses Protokoll standardmäßig in Active Directory verwendet wird, sollten man es in den Grundzügen kennen. Natürlich kann auch Kerberos aus Managed Code verwendet werden – die abschließende Demo zeigt wie dies funktioniert. http://channel9.msdn.com/Blogs/Lori/Windows-Security-fr-Developers-Teil-3 …und noch ein kleines Interview http://channel9.msdn.com/Blogs/Lori/Interview-mit-Dominick-Baier Viel Spaß ;)

    Read the article

  • Oracle JDK 7u10 released with new security features

    - by Henrik Stahl
    A few days ago, we released JRE and JDK 7 update 10. This release adds support for the following new platforms: Windows 8 on x86-64. Note that Modern UI (aka Metro) mode is not supported. Internet Explorer 10 on Windows 8. Mac OS X 10.8 (Mountain Lion) This release also introduces new features that provide enhanced security for Java applet and webstart applications, specifically: The Java runtime tracks if it is updated to the latest security baseline. If you try to execute an unsigned applet with an outdated version of Java, a warning dialog will prompt you to update before running the applet. The Java runtime includes a hardcoded best before date. It is assumed that a new version will be released before this date. If the client has not been able to check for an update prior to this date, the Java runtime will assume that it is insecure and start warning the user prior to executing any applets. The Java control panel now includes an option to set the desired security level on a low-medium-high-very high scale, as well as an option to disable Java applets and webstart entirely. This level controls things such as if the Java runtime is allowed to execute unsigned code, and if so what type of warning will be displayed to the user. More details on the security settings can be found in the documentation. See below for a sample screenshot. The new update of the JRE and the JDK are available via OTN. To learn more about the release please visit the release notes.

    Read the article

  • Data Source Security Part 3

    - by Steve Felts
    In part one, I introduced the security features and talked about the default behavior.  In part two, I defined the two major approaches to security credentials: directly using database credentials and mapping WLS user credentials to database credentials.  Now it's time to get down to a couple of the security options (each of which can use database credentials or WLS credentials). Set Client Identifier on Connection When "Set Client Identifier" is enabled on the data source, a client property is associated with the connection.  The underlying SQL user remains unchanged for the life of the connection but the client value can change.  This information can be used for accounting, auditing, or debugging.  The client property is based on either the WebLogic user mapped to a database user using the credential map Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;} or is the database user parameter directly from the getConnection() method, based on the “use database credentials” setting described earlier. To enable this feature, select “Set Client ID On Connection” in the Console.  See "Enable Set Client ID On Connection for a JDBC data source" http://docs.oracle.com/cd/E24329_01/apirefs.1211/e24401/taskhelp/jdbc/jdbc_datasources/EnableCredentialMapping.html in Oracle WebLogic Server Administration Console Help. The Set Client Identifier feature is only available for use with the Oracle thin driver and the IBM DB2 driver, based on the following interfaces. For pre-Oracle 12c, oracle.jdbc.OracleConnection.setClientIdentifier(client) is used.  See http://docs.oracle.com/cd/B28359_01/network.111/b28531/authentication.htm#i1009003 for more information about how to use this for auditing and debugging.   You can get the value using getClientIdentifier()  from the driver.  To get back the value from the database as part of a SQL query, use a statement like the following. “select sys_context('USERENV','CLIENT_IDENTIFIER') from DUAL”. Starting in Oracle 12c, java.sql.Connection.setClientInfo(“OCSID.CLIENTID", client) is used.  This is a JDBC standard API, although the property values are proprietary.  A problem with setClientIdentifier usage is that there are pieces of the Oracle technology stack that set and depend on this value.  If application code also sets this value, it can cause problems. This has been addressed with setClientInfo by making use of this method a privileged operation. A well-managed container can restrict the Java security policy grants to specific namespaces and code bases, and protect the container from out-of-control user code. When running with the Java security manager, permission must be granted in the Java security policy file for permission "oracle.jdbc.OracleSQLPermission" "clientInfo.OCSID.CLIENTID"; Using the name “OCSID.CLIENTID" allows for upward compatible use of “select sys_context('USERENV','CLIENT_IDENTIFIER') from DUAL” or use the JDBC standard API java.sql.getClientInfo(“OCSID.CLIENTID") to retrieve the value. This value in the Oracle USERENV context can be used to drive the Oracle Virtual Private Database (VPD) feature to create security policies to control database access at the row and column level. Essentially, Oracle Virtual Private Database adds a dynamic WHERE clause to a SQL statement that is issued against the table, view, or synonym to which an Oracle Virtual Private Database security policy was applied.  See Using Oracle Virtual Private Database to Control Data Access http://docs.oracle.com/cd/B28359_01/network.111/b28531/vpd.htm for more information about VPD.  Using this data source feature means that no programming is needed on the WLS side to set this context; it is set and cleared by the WLS data source code. For the IBM DB2 driver, com.ibm.db2.jcc.DB2Connection.setDB2ClientUser(client) is used for older releases (prior to version 9.5).  This specifies the current client user name for the connection. Note that the current client user name can change during a connection (unlike the user).  This value is also available in the CURRENT CLIENT_USERID special register.  You can select it using a statement like “select CURRENT CLIENT_USERID from SYSIBM.SYSTABLES”. When running the IBM DB2 driver with JDBC 4.0 (starting with version 9.5), java.sql.Connection.setClientInfo(“ClientUser”, client) is used.  You can retrieve the value using java.sql.Connection.getClientInfo(“ClientUser”) instead of the DB2 proprietary API (even if set setDB2ClientUser()).  Oracle Proxy Session Oracle proxy authentication allows one JDBC connection to act as a proxy for multiple (serial) light-weight user connections to an Oracle database with the thin driver.  You can configure a WebLogic data source to allow a client to connect to a database through an application server as a proxy user. The client authenticates with the application server and the application server authenticates with the Oracle database. This allows the client's user name to be maintained on the connection with the database. Use the following steps to configure proxy authentication on a connection to an Oracle database. 1. If you have not yet done so, create the necessary database users. 2. On the Oracle database, provide CONNECT THROUGH privileges. For example: SQL> ALTER USER connectionuser GRANT CONNECT THROUGH dbuser; where “connectionuser” is the name of the application user to be authenticated and “dbuser” is an Oracle database user. 3. Create a generic or GridLink data source and set the user to the value of dbuser. 4a. To use WLS credentials, create an entry in the credential map that maps the value of wlsuser to the value of dbuser, as described earlier.   4b. To use database credentials, enable “Use Database Credentials”, as described earlier. 5. Enable Oracle Proxy Authentication, see "Configure Oracle parameters" in Oracle WebLogic Server Administration Console Help. 6. Log on to a WebLogic Server instance using the value of wlsuser or dbuser. 6. Get a connection using getConnection(username, password).  The credentials are based on either the WebLogic user that is mapped to a database user or the database user directly, based on the “use database credentials” setting.  You can see the current user and proxy user by executing: “select user, sys_context('USERENV','PROXY_USER') from DUAL". Note: getConnection fails if “Use Database Credentials” is not enabled and the value of the user/password is not valid for a WebLogic Server user.  Conversely, it fails if “Use Database Credentials” is enabled and the value of the user/password is not valid for a database user. A proxy session is opened on the connection based on the user each time a connection request is made on the pool. The proxy session is closed when the connection is returned to the pool.  Opening or closing a proxy session has the following impact on JDBC objects. - Closes any existing statements (including result sets) from the original connection. - Clears the WebLogic Server statement cache. - Clears the client identifier, if set. -The WebLogic Server test statement for a connection is recreated for every proxy session. These behaviors may impact applications that share a connection across instances and expect some state to be associated with the connection. Oracle proxy session is also implicitly enabled when use-database-credentials is enabled and getConnection(user, password) is called,starting in WLS Release 10.3.6.  Remember that this only works when using the Oracle thin driver. To summarize, the definition of oracle-proxy-session is as follows. - If proxy authentication is enabled and identity based pooling is also enabled, it is an error. - If a user is specified on getConnection() and identity-based-connection-pooling-enabled is false, then oracle-proxy-session is treated as true implicitly (it can also be explicitly true). - If a user is specified on getConnection() and identity-based-connection-pooling-enabled is true, then oracle-proxy-session is treated as false.

    Read the article

  • iphone app crash, crash log posted, help please

    - by terry jones
    hi, we recenty had a programmer to develop a program for us but seems to have left us in the lurch with a part functioning application. my boss isnt happy at moment as we have spent a few hundred and have nothing to show for it at the moment. can anyone see any information in the crash log below as its gibberish to me. Incident Identifier: D4F482FE-167A-44BB-A642-7E8EF7B568BF CrashReporter Key: 2d8e2d17415c55e48ec20dae7cbe6c36b33bcce1 Process: Logistics [328] Path: /var/mobile/Applications/32A03443-ADE3-4AAE-AB32-05DB7BEB15D8/Logistics.app/Logistics Identifier: Logistics Version: ??? (???) Code Type: ARM (Native) Parent Process: launchd [1] Date/Time: 2010-03-29 17:07:06.474 +0200 OS Version: iPhone OS 3.1.2 (7D11) Report Version: 104 Exception Type: EXC_CRASH (SIGABRT) Exception Codes: 0x00000000, 0x00000000 Crashed Thread: 0 Thread 0 Crashed: 0 libSystem.B.dylib 0x31a279ac 0x319a9000 + 518572 1 libSystem.B.dylib 0x31a2799c 0x319a9000 + 518556 2 libSystem.B.dylib 0x31a2798e 0x319a9000 + 518542 3 libSystem.B.dylib 0x31a3c63a 0x319a9000 + 603706 4 libstdc++.6.dylib 0x3361d3b0 0x335d8000 + 283568 5 libobjc.A.dylib 0x32401858 0x323fc000 + 22616 6 libstdc++.6.dylib 0x3361b776 0x335d8000 + 276342 7 libstdc++.6.dylib 0x3361b7ca 0x335d8000 + 276426 8 libstdc++.6.dylib 0x3361b896 0x335d8000 + 276630 9 libobjc.A.dylib 0x32400714 0x323fc000 + 18196 10 CoreFoundation 0x32537b86 0x32511000 + 158598 11 CoreFoundation 0x32537b24 0x32511000 + 158500 12 Foundation 0x3145ddaa 0x313ed000 + 462250 13 Foundation 0x31454ee2 0x313ed000 + 425698 14 Logistics 0x00002df8 0x1000 + 7672 15 CoreFoundation 0x32569ede 0x32511000 + 364254 16 UIKit 0x32ba205e 0x32b60000 + 270430 17 UIKit 0x32bf4d4e 0x32b60000 + 609614 18 CoreFoundation 0x32569ede 0x32511000 + 364254 19 UIKit 0x32ba205e 0x32b60000 + 270430 20 UIKit 0x32ba1ffe 0x32b60000 + 270334 21 UIKit 0x32ba1fd0 0x32b60000 + 270288 22 UIKit 0x32ba1d2a 0x32b60000 + 269610 23 UIKit 0x32ba263e 0x32b60000 + 271934 24 UIKit 0x32ba1656 0x32b60000 + 267862 25 UIKit 0x32ba1032 0x32b60000 + 266290 26 UIKit 0x32b9d928 0x32b60000 + 252200 27 UIKit 0x32b9d3a0 0x32b60000 + 250784 28 GraphicsServices 0x32913b72 0x3290f000 + 19314 29 CoreFoundation 0x32567c26 0x32511000 + 355366 30 CoreFoundation 0x32567356 0x32511000 + 353110 31 GraphicsServices 0x32912cb8 0x3290f000 + 15544 32 GraphicsServices 0x32912d64 0x3290f000 + 15716 33 UIKit 0x32b62768 0x32b60000 + 10088 34 UIKit 0x32b6146c 0x32b60000 + 5228 35 Logistics 0x000023c4 0x1000 + 5060 36 Logistics 0x00002380 0x1000 + 4992 Thread 1: 0 libSystem.B.dylib 0x319a9818 0x319a9000 + 2072 1 libSystem.B.dylib 0x319abff8 0x319a9000 + 12280 2 CoreFoundation 0x325677f6 0x32511000 + 354294 3 CoreFoundation 0x32567356 0x32511000 + 353110 4 WebCore 0x305d59de 0x30578000 + 383454 5 libSystem.B.dylib 0x319cd92a 0x319a9000 + 149802 Thread 2: 0 libSystem.B.dylib 0x31a28228 0x319a9000 + 520744 1 libSystem.B.dylib 0x319d3244 0x319a9000 + 172612 2 libSystem.B.dylib 0x319d2d0e 0x319a9000 + 171278 3 CoreMedia 0x33552b04 0x3354f000 + 15108 4 CoreMedia 0x33552a3a 0x3354f000 + 14906 5 MediaToolbox 0x31e1b50c 0x31e18000 + 13580 6 libSystem.B.dylib 0x319cd92a 0x319a9000 + 149802 Thread 0 crashed with ARM Thread State: r0: 0x00000000 r1: 0x00000000 r2: 0x00000001 r3: 0x383c43cc r4: 0x00000006 r5: 0x3361b30d r6: 0x00172f5c r7: 0x2fffe97c r8: 0x2fffe968 r9: 0x00000065 r10: 0x00007150 r11: 0x334bd104 ip: 0x00000025 sp: 0x2fffe97c lr: 0x31a279a3 pc: 0x31a279ac cpsr: 0x00000010 Binary Images: 0x1000 - 0x6fff +Logistics armv6 <350fc970d77b4d8d67bf43f4d7f2a68c> /var/mobile/Applications/32A03443-ADE3-4AAE-AB32-05DB7BEB15D8/Logistics.app/Logistics 0x2c000 - 0x2dfff dns.so armv7 <35ac487c38e38ed5810d5ed0d5c67546> /usr/lib/info/dns.so 0x2fe00000 - 0x2fe24fff dyld armv7 <5db9f5d0275997de58efff111816706e> /usr/lib/dyld 0x30028000 - 0x3004ffff ContentIndex armv7 <67165d749b79ad4b14c8a24f14dab29d> /System/Library/PrivateFrameworks/ContentIndex.framework/ContentIndex 0x30050000 - 0x30054fff ITSync armv7 <a0bf9af6f4ebc7e5977d3da853671162> /System/Library/PrivateFrameworks/ITSync.framework/ITSync 0x30149000 - 0x3016efff AppSupport armv7 <ca2e9a4f0475af20028968840ab94ecf> /System/Library/PrivateFrameworks/AppSupport.framework/AppSupport 0x30175000 - 0x3017ffff MobileCoreServices armv7 <36d71cd8dd49f5d5addb356f449b562a> /System/Library/Frameworks/MobileCoreServices.framework/MobileCoreServices 0x30184000 - 0x30184fff Accelerate armv7 <939f94df6c7e6e7a090ddee1ec09c844> /System/Library/PrivateFrameworks/Accelerate.framework/Accelerate 0x30185000 - 0x301b7fff iCalendar armv7 <235e05f7e167e6dbbd75528a4a37f3a3> /System/Library/PrivateFrameworks/iCalendar.framework/iCalendar 0x301b8000 - 0x301c3fff libz.1.dylib armv7 <8faba7ded9b3527ccf54c2f224f9a12f> /usr/lib/libz.1.dylib 0x301c4000 - 0x301eefff CoreText armv7 <821e9c7c935b6a8d735e2d2d9ebcee04> /System/Library/PrivateFrameworks/CoreText.framework/CoreText 0x301f6000 - 0x301fffff IAP armv7 <36e57cf20df9fcea10ebd0d1c3526a9a> /System/Library/PrivateFrameworks/IAP.framework/IAP 0x30247000 - 0x30279fff MessageUI armv7 <51d0498fb3dba758dae660754f1afb9c> /System/Library/Frameworks/MessageUI.framework/MessageUI 0x3027a000 - 0x3027efff MobileMusicPlayer armv7 <f0e7d2d2d69e9cc2a84e20bced0e1d07> /System/Library/PrivateFrameworks/MobileMusicPlayer.framework/MobileMusicPlayer 0x302c6000 - 0x302cefff CoreVideo armv7 <9259f5ae2a74b53e4f13b27fa3d511e8> /System/Library/PrivateFrameworks/CoreVideo.framework/CoreVideo 0x30348000 - 0x3034afff CrashReporterSupport armv7 <a0a25c381e45f8a3f4ec63bcb17a5a39> /System/Library/PrivateFrameworks/CrashReporterSupport.framework/CrashReporterSupport 0x304a3000 - 0x304cefff MIME armv7 <55a4de1d243273ee7ef4e86a85d591f5> /System/Library/PrivateFrameworks/MIME.framework/MIME 0x304cf000 - 0x3050ffff libsqlite3.dylib armv7 <c2b5985d8307d73b39140e76adfd2eb7> /usr/lib/libsqlite3.dylib 0x3054a000 - 0x30569fff Bom armv7 <37e498957087af50894156808e0a486b> /System/Library/PrivateFrameworks/Bom.framework/Bom 0x30578000 - 0x30a4efff WebCore armv7 <4e2bac4e01a15979c9ac096f78280db0> /System/Library/PrivateFrameworks/WebCore.framework/WebCore 0x30a58000 - 0x30b12fff Message armv7 <a5a7de97c57a6965f27547bf8ff8810c> /System/Library/PrivateFrameworks/Message.framework/Message 0x30b13000 - 0x30b13fff vecLib armv7 <4eb91bf56603dc0db6784d8d3240bfa8> /System/Library/PrivateFrameworks/Accelerate.framework/Frameworks/vecLib.framework/vecLib 0x30c1e000 - 0x30c23fff ProtocolBuffer armv7 <91af9ee5b2f271cbd8c138b3c61e508d> /System/Library/PrivateFrameworks/ProtocolBuffer.framework/ProtocolBuffer 0x30d05000 - 0x30d29fff SystemConfiguration armv7 <c57df668b510f025ee5a173ad30fb48e> /System/Library/Frameworks/SystemConfiguration.framework/SystemConfiguration 0x30d6c000 - 0x30decfff QuartzCore armv7 <af0722911ffc74fc08075e9831a6222e> /System/Library/Frameworks/QuartzCore.framework/QuartzCore 0x30e5d000 - 0x30e72fff libresolv.9.dylib armv7 <2b6a9404652dd2b5abd1c6a5583e8533> /usr/lib/libresolv.9.dylib 0x30e73000 - 0x30ebdfff GMM armv7 <72c87b3b08ab4359802b6efed472bf46> /System/Library/PrivateFrameworks/GMM.framework/GMM 0x30ec7000 - 0x30ed0fff SpringBoardServices armv7 <17ca8b5262cd6484d41efdc72c6fd057> /System/Library/PrivateFrameworks/SpringBoardServices.framework/SpringBoardServices 0x30ed1000 - 0x30f43fff LDAP armv7 <a5f6d51ebcab28eeabe0f2bbbdeb8cc7> /System/Library/PrivateFrameworks/LDAP.framework/LDAP 0x30fe6000 - 0x30ffbfff OpenGLES armv7 <be80a5e4c55c2920be2c31f740bb9dba> /System/Library/Frameworks/OpenGLES.framework/OpenGLES 0x31003000 - 0x31009fff libkxld.dylib armv7 <04ab19af95239c12a98539478eebc560> /usr/lib/system/libkxld.dylib 0x3114f000 - 0x311acfff MediaPlayer armv7 <1021fc5da1419ba297464f71049ad084> /System/Library/Frameworks/MediaPlayer.framework/MediaPlayer 0x311ad000 - 0x311cefff CoreLocation armv7 <a3857b8324f90ae48994df15fdfbcda6> /System/Library/Frameworks/CoreLocation.framework/CoreLocation 0x311d5000 - 0x31214fff Celestial armv7 <f8bde8e040e6aac9e36e0aa8b43ee8cc> /System/Library/PrivateFrameworks/Celestial.framework/Celestial 0x312f6000 - 0x312fcfff libgcc_s.1.dylib armv7 <263b2691cd12171b31fa600716104e4a> /usr/lib/libgcc_s.1.dylib 0x31338000 - 0x31367fff libCGFreetype.A.dylib armv7 <2ec5ad6812f5ea3859cb4189d62b7265> /System/Library/Frameworks/CoreGraphics.framework/Resources/libCGFreetype.A.dylib 0x31393000 - 0x313cafff IOKit armv7 <0afabe8bf08fc163ba8e4ed614092cd3> /System/Library/Frameworks/IOKit.framework/Versions/A/IOKit 0x313e9000 - 0x313eafff IOMobileFramebuffer armv7 <9d9f0254b5b64ced3d58191748f3027b> /System/Library/PrivateFrameworks/IOMobileFramebuffer.framework/IOMobileFramebuffer 0x313ed000 - 0x314e2fff Foundation armv7 <ede5b943f529ce1b862c15dc876992c1> /System/Library/Frameworks/Foundation.framework/Foundation 0x314ed000 - 0x31599fff libxml2.2.dylib armv7 <a491bfc5f062f33185a3f98969bae3c2> /usr/lib/libxml2.2.dylib 0x315fc000 - 0x315fefff MobileInstallation armv7 <b8ebf64838bdfe5315dab5745482e30c> /System/Library/PrivateFrameworks/MobileInstallation.framework/MobileInstallation 0x31919000 - 0x31923fff MobileBluetooth armv7 <bc6cf9563c3a14a86cde6ddf6cc3ed45> /System/Library/PrivateFrameworks/MobileBluetooth.framework/MobileBluetooth 0x31926000 - 0x319a8fff WebKit armv7 <b9b7246a09f5db68e44497d318cb3ab6> /System/Library/PrivateFrameworks/WebKit.framework/WebKit 0x319a9000 - 0x31aa0fff libSystem.B.dylib armv7 <3f94d4b13815a93cbdfc6c7dc2afe5b4> /usr/lib/libSystem.B.dylib 0x31aa2000 - 0x31b8bfff AudioToolbox armv7 <393fa1e155bb0523c2a90555bb394498> /System/Library/Frameworks/AudioToolbox.framework/AudioToolbox 0x31b8d000 - 0x31bfcfff CFNetwork armv7 <b55671f2472fdae3f811ae6f636b4e2e> /System/Library/Frameworks/CFNetwork.framework/CFNetwork 0x31cb2000 - 0x31d12fff AddressBookUI armv7 <5e5b83d3c9e2c0676671feebfb8d37c9> /System/Library/Frameworks/AddressBookUI.framework/AddressBookUI 0x31d19000 - 0x31d21fff AccountSettings armv7 <37a8916d02c399bfccc56e92ad68e84b> /System/Library/PrivateFrameworks/AccountSettings.framework/AccountSettings 0x31d28000 - 0x31d34fff MobileDeviceLink armv7 <d757be3521f8ed71709728790c29bdb2> /System/Library/PrivateFrameworks/MobileDeviceLink.framework/MobileDeviceLink 0x31d3a000 - 0x31d3cfff Notes armv7 <f7c579348cb58b5f2218c042cf46f422> /System/Library/PrivateFrameworks/Notes.framework/Notes 0x31d59000 - 0x31d5cfff IOSurface armv7 <81661b8e151a9af6ce5704a728e12dc7> /System/Library/PrivateFrameworks/IOSurface.framework/IOSurface 0x31e18000 - 0x31ed8fff MediaToolbox armv7 <b9023dc22073ab28f6fb8ecbe00951c2> /System/Library/PrivateFrameworks/MediaToolbox.framework/MediaToolbox 0x31ed9000 - 0x31f8dfff JavaScriptCore armv7 <d3434c868a9a0f4016ed32ba90a35c4d> /System/Library/PrivateFrameworks/JavaScriptCore.framework/JavaScriptCore 0x31f91000 - 0x320e6fff CoreGraphics armv7 <5852bd39fd1ef304da7b017949755cab> /System/Library/Frameworks/CoreGraphics.framework/CoreGraphics 0x32150000 - 0x3217cfff DAVKit armv7 <80cf41b34d377d21d406fcb6835fbf77> /System/Library/PrivateFrameworks/DAVKit.framework/DAVKit 0x321d4000 - 0x322d5fff libicucore.A.dylib armv7 <1081389fef915d9b8858d0dfff04568e> /usr/lib/libicucore.A.dylib 0x322d6000 - 0x322d9fff ActorKit armv7 <c81b8278a35c6e8293aaf7c55811ba2d> /System/Library/PrivateFrameworks/ActorKit.framework/ActorKit 0x322da000 - 0x32388fff DataAccess armv7 <e9225a8b94fe76047095ebecd6fd58c5> /System/Library/PrivateFrameworks/DataAccess.framework/DataAccess 0x32389000 - 0x32390fff libbz2.1.0.dylib armv7 <6675987a84fc3d127305c175085914aa> /usr/lib/libbz2.1.0.dylib 0x323fc000 - 0x32499fff libobjc.A.dylib armv7 <1a57ecb9f5c0f274a274b3eb53df48ed> /usr/lib/libobjc.A.dylib 0x324b5000 - 0x324cbfff AddressBook armv7 <c21d7ab21d7e67f84c487bc278568bbe> /System/Library/Frameworks/AddressBook.framework/AddressBook 0x324d6000 - 0x32510fff CoreTelephony armv7 <5b68ed8ffac45237acc948e9d5bb5e83> /System/Library/PrivateFrameworks/CoreTelephony.framework/CoreTelephony 0x32511000 - 0x325bbfff CoreFoundation armv7 <51c03f1f8755868781e3e719d8df7b6f> /System/Library/Frameworks/CoreFoundation.framework/CoreFoundation 0x325ca000 - 0x3268bfff MusicLibrary armv7 <ce4922bef1cc1d6706da32480c2272bd> /System/Library/PrivateFrameworks/MusicLibrary.framework/MusicLibrary 0x3268c000 - 0x3268efff AppleJPEG armv7 <af51b716dce446178b366a8d5af48ebb> /System/Library/PrivateFrameworks/AppleJPEG.framework/AppleJPEG 0x3268f000 - 0x326adfff MobileSync armv7 <1eecaede37e5d042180473311efccda3> /System/Library/PrivateFrameworks/MobileSync.framework/MobileSync 0x32860000 - 0x3286bfff PersistentConnection armv7 <73c2bec8b5f870ea528f359c2374f19c> /System/Library/PrivateFrameworks/PersistentConnection.framework/PersistentConnection 0x3286c000 - 0x328f2fff ImageIO armv7 <ea76d0fd3ca8c1a6104bc0f013255e2d> /System/Library/PrivateFrameworks/ImageIO.framework/ImageIO 0x3290f000 - 0x32918fff GraphicsServices armv7 <5387c7197570ac7df97759c0402d453d> /System/Library/PrivateFrameworks/GraphicsServices.framework/GraphicsServices 0x32933000 - 0x3299bfff PhotoLibrary armv7 <0535fc553452b7b6cc25ac990cff4a40> /System/Library/PrivateFrameworks/PhotoLibrary.framework/PhotoLibrary 0x3299f000 - 0x329ccfff Calendar armv7 <52446b9087d707210cb515b0894afee5> /System/Library/PrivateFrameworks/Calendar.framework/Calendar 0x329d6000 - 0x329fffff TextInput armv7 <2e983bf3876bfeaf7151aa8a0e68dabc> /System/Library/PrivateFrameworks/TextInput.framework/TextInput 0x32a01000 - 0x32a02fff CoreSurface armv7 <f3aae0195e4510657029b19161138593> /System/Library/PrivateFrameworks/CoreSurface.framework/CoreSurface 0x32a09000 - 0x32a0bfff Camera armv7 <81c49c0f094225be8a6ad129a8641c86> /System/Library/PrivateFrameworks/Camera.framework/Camera 0x32a56000 - 0x32a7efff libvDSP.dylib armv7 <d846b621ce13b16241ac2d32ddd28615> /System/Library/PrivateFrameworks/Accelerate.framework/Frameworks/vecLib.framework/libvDSP.dylib 0x32a81000 - 0x32a86fff liblockdown.dylib armv7 <5b665cd59d9884ceecec6441fc42bc14> /usr/lib/liblockdown.dylib 0x32a8a000 - 0x32a96fff DataAccessExpress armv7 <ad1aeb0c6df9b0b917c1c99405e36cc4> /System/Library/PrivateFrameworks/DataAccessExpress.framework/DataAccessExpress 0x32ab5000 - 0x32ac3fff TelephonyUI armv7 <b34206a34dfb1cc4183274cc6c0a3f36> /System/Library/PrivateFrameworks/TelephonyUI.framework/TelephonyUI 0x32ac4000 - 0x32ae5fff MobileQuickLook armv7 <06cb03b3f1bd2c5bfa27ba2aef0849b2> /System/Library/PrivateFrameworks/MobileQuickLook.framework/MobileQuickLook 0x32aed000 - 0x32b07fff libRIP.A.dylib armv7 <0dc4e83b63c1350517949e24204817fb> /System/Library/Frameworks/CoreGraphics.framework/Resources/libRIP.A.dylib 0x32b09000 - 0x32b2dfff Security armv7 <3a3406fe12445942f4d767c7fa4c24ce> /System/Library/Frameworks/Security.framework/Security 0x32b2e000 - 0x32b5bfff VideoToolbox armv7 <08b68b92f987faff46a127f6f78708a0> /System/Library/PrivateFrameworks/VideoToolbox.framework/VideoToolbox 0x32b60000 - 0x33524fff UIKit armv7 <47c9d61f9cbe72938d1bfb1588306b97> /System/Library/Frameworks/UIKit.framework/UIKit 0x3354f000 - 0x33580fff CoreMedia armv7 <584770f5de9c599a2d420eb8666921ac> /System/Library/PrivateFrameworks/CoreMedia.framework/CoreMedia 0x33586000 - 0x33588fff ArtworkCache armv7 <66057eb40ba62cb544fe00ac4f2b498e> /System/Library/PrivateFrameworks/ArtworkCache.framework/ArtworkCache 0x33594000 - 0x33599fff MBX2D armv7 <ae091892e4419221d25f8db9307cedf0> /System/Library/PrivateFrameworks/MBX2D.framework/MBX2D 0x3359a000 - 0x335d7fff CoreAudio armv7 <1eb427066a911d979a024e445464a067> /System/Library/Frameworks/CoreAudio.framework/CoreAudio 0x335d8000 - 0x33621fff libstdc++.6.dylib armv7 <99401ed10ec4d5608ce23ec33dd757c6> /usr/lib/libstdc++.6.dylib 0x33627000 - 0x33632fff libbsm.0.dylib armv7 <03f3879bad1802636dadeb457ee74cb2> /usr/lib/libbsm.0.dylib

    Read the article

  • How to configure a WCF service to only accept a single client identified by a x509 certificate

    - by Johan Levin
    I have a WCF client/service app that relies on secure communication between two machines and I want to use use x509 certificates installed in the certificate store to identify the server and client to each other. I do this by configuring the binding as <security authenticationMode="MutualCertificate"/>. There is only client machine. The server has a certificate issued to server.mydomain.com installed in the Local Computer/Personal store and the client has a certificate issued to client.mydomain.com installed in the same place. In addition to this the server has the client's public certificate in Local Computer/Trusted People and the client has the server's public certificate in Local Computer/Trusted People. Finally the client has been configured to check the server's certificate. I did this using the system.servicemodel/behaviors/endpointBehaviors/clientCredentials/serviceCertificate/defaultCertificate element in the config file. So far so good, this all works. My problem is that I want to specify in the server's config file that only clients that identify themselves with the client.mydomain.com certificate from the Trusted People certificate store are allowed to connect. The correct information is available on the server using the ServiceSecurityContext, but I am looking for a way to specify in app.config that WCF should do this check instead of my having to check the security context from code. Is that possible? Any hints would be appreciated. By the way, my server's config file looks like this so far: <?xml version="1.0" encoding="utf-8" ?> <configuration> <system.serviceModel> <services> <service name="MyServer.Server" behaviorConfiguration="CertificateBehavior"> <endpoint contract="Contracts.IMyService" binding="customBinding" bindingConfiguration="SecureConfig"> </endpoint> <host> <baseAddresses> <add baseAddress="http://localhost/SecureWcf"/> </baseAddresses> </host> </service> </services> <behaviors> <serviceBehaviors> <behavior name="CertificateBehavior"> <serviceCredentials> <serviceCertificate storeLocation="LocalMachine" x509FindType="FindBySubjectName" findValue="server.mydomain.com"/> </serviceCredentials> </behavior> </serviceBehaviors> </behaviors> <bindings> <customBinding> <binding name="SecureConfig"> <security authenticationMode="MutualCertificate"/> <httpTransport/> </binding> </customBinding> </bindings> </system.serviceModel> </configuration>

    Read the article

  • Cannot import resource > "app/config/security.yml" from "/app/config/config.yml"

    - by tirengarfio
    Im getting this error: FileLoaderLoadException: Cannot import resource "app/config/security.yml" from "/app/config/config.yml". The file security.yml is on the right path. This is my security.yml file: jms_sapp/confiapp/config/security.yml secure_all_services: false exprapp/confiapp/config/security.yml security: encoders: Symfony\Component\Security\Core\User\User: plaintext role_hierarchy: ROLE_ADMIN: ROLE_USER ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH] providers: in_memory: memory: users: user: { password: userpass, roles: [ 'ROLE_USER' ] } admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] } firewalls: dev: pattern: ^/(_(profiler|wdt)|css|images|js)/ security: false login: pattern: ^/demo/secured/login$ security: false secured_area: pattern: ^/demo/secured/ form_login: check_path: /demo/secured/login_check login_path: /demo/secured/login logout: path: /demo/secured/logout target: /demo/ #anonymous: ~ #http_basic: # realm: "Secured Demo Area" access_control: #- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https } #- { path: ^/_internal/secure, roles: IS_AUTHENTICATED_ANONYMOUSLY, ip: 127.0.0.1 }

    Read the article

  • WCF security when it is used with sync services

    - by malik
    I am using following architecture for sync process. http://www.codeproject.com/KB/smart/sync_services.aspx And for server i use WCF service, can anybody guide me how can i secure my wcf service without using certificate that is hosted on IIS. Can i get a way to pass credential or some token to authenticate? I need to authenticate and encrypt the communication, when syncagent call synchronise method.

    Read the article

  • firefox addon security question

    - by rep_movsd
    I'm writing a firefox extension that logs some data and displays the result on a webpage... The webpage fires an event that the extension listens for and the extension can then add data to the page and fire an event back to the page to make it update itself. How do I ensure that the extension always sends data only to my page and not some other? Thanks V

    Read the article

  • Salt, passwords and security

    - by Jonathan
    I've read through many of the questions on SO about this, but many answers contradict each other or I don't understand. You should always store a password as a hash, never as plain text. But should you store the salt (unique for each user) next to the hashed password+salt in the database. This doesn't seem very clever to me as couldn't someone gain access to the database, look for says the account called Admin or whatever and then work out the password from that?

    Read the article

  • Server Security

    - by mahatmanich
    I want to run my own root server (directly accessible from the web without a hardware firewall) with debian lenny, apache2, php5, mysql, postfix MTA, sftp (based on ssh) and maybe dns server. What measures/software would you recomend, and why, to secure this server down and minimalize the attack vector? Webapplications aside ... This is what I have so far: iptables (for gen. packet filtering) fail2ban (brute force attack defense) ssh (chang default, port disable root access) modsecurity - is really clumsy and a pain (any alternative here?) ?Sudo why should I use it? what is the advantage to normal user handling thinking about greensql for mysql www.greensql.net is tripwire worth looking at? snort? What am I missing? What is hot and what is not? Best practices? I like "KISS" - Keep it simple secure, I know it would be nice! Thanks in advance ...

    Read the article

  • Spring Security 3.0 and Active Directory LDAP: DOMAIN\user login

    - by Bernd Haug
    I would like to have users authenticate against an ActiveDirectory LDAP server using the DOMAIN\user.name syntax. I think that should be possible with SpringSec 3.0 since the docs mention an "alternative syntax" which I guess refers to the DOM\user syntax instead of a bind DN, but the docs don't elaborate further. Is there some way to configure Spring Sec 3 LDAP to use "the MS way" or do I have to write my own Authenticator implementation (against e.g. the java.naming.directory package, which I've tested to be able to use the MS syntax as its SECURITY_PRINCIPAL)?

    Read the article

  • PageMethods security

    - by TenaciousImpy
    Hi, I'm trying to 'AJAX-ify' my site in order to improve the UI experience. In terms of performance, I'm also trying to get rid of the UpdatePanel. I've come across a great article over at Encosia showing a way of posting using PageMethods. My question is, how secure are page methods in a production environment? Being public, can anyone create a JSON script to POST directly to the server, or are there cross-domain checks taking place? My PageMethods would also write the data into the database (after filtering). I'm using Forms Authentication in my pages and, on page load, it redirects unauthenticated users to the login page. Would the Page Methods on this page also need to check authentication if the user POSTs directly to the method, or is that authentication inherited for the entire page? (Essentially, does the entire page cycle occur even if a user has managed to post only to the PageMethod)? Thanks

    Read the article

  • firefox extension security issue

    - by rep_movsd
    I'm writing a firefox addon that logs certain user activity and displays some statistics on a webpage. When the page is opened, the page sends an event to the addon. The addon adds data to the page and sends an event back, and the page refreshes the statistics. Now how do I ensure that the extension only puts the (sensitive) data on the right page and not some other malicious one? Thanks V

    Read the article

  • Good Guide For Web App Security?

    - by QAH
    Hello! I am pretty good on making web applications and I know how to transfer data to and from client/server, etc. I need some help though learning how to make the data exchanges more secure. That is the reason why I feel kind of scared to publish any web app I make. I wanted to know what are some good guides to help you understand and learn how to secure data transfer with your web application? Things like better authentication for example and making better logins. You can post any suggestion, but just for your information, I mainly code my web apps with Javascript and PHP. Also, I transfer my data using JSON or XML. Thanks a lot

    Read the article

  • Security for ASP.NET application running on intranet / VPN

    - by Ryan
    Hi, I have an ASP.NET app that sits on our intranet, using the WindowsIdentity to identify the user: WindowsIdentity wi = HttpContext.Current.User.Identity as WindowsIdentity; if (wi == null || wi.Name == null) { noAccess("No WindowsIdentity"); return; } string username = wi.Name; if (username.Contains("\\")) username = username.Substring(username.LastIndexOf("\\") + 1); This works fine on our Intranet. However, when users from other offices (separate network, with firewall open) they get a password request input box. Why are they getting the password dialogue? What is the recommended way identify users of the app? I want to avoid using password, but windows identities. Anyone attempting to access the application is inside a trusted network. Thanks a lot for any help Ryan

    Read the article

  • Locking down RAD Studio internal browser security.

    - by HMcG
    I use Firefox as my web browser, mostly for access to add-ins such as Flashblock and No-script. I noticed yesterday that the RAD Studio internal browser used for the Welcome Page etc has scripting and Active X etc enabled. Is there a way to disable scripting, or better still, block all access to non-local sources in the built-in browser?

    Read the article

  • Thoughts on security model to store credit card details

    - by Faisal Abid
    Here is the model we are using to store the CC details how secure does this look? All our information is encrypted using public key encryption and the keypair is user dependent (its generated on the server and the private key is symmetric encrypted using the users password which is also Hashed on the database) So basically on first run the user sends in his password via a SSL connection and the password is used with the addition of salt to generate an MD5 hash, also the password is used to encrypt the private key and the private key is stored on the server. When the user wants to make a payment, he sends his password. The password decrypts the private key, and the private key decrypts the CC details and the CC details are charged.

    Read the article

  • Quick question about PayPal IPN Security

    - by Alix Axel
    PayPal IPN sends a POST request with a variable number of fields to the notify URL, in order to confirm that the POST request is legit we need to resubmit the same request along with a additional cmd=_notify-validate field to PayPal, which then replies SUCCESS or FAILURE. My question is, why do we need to resend the request to PayPal? Wouldn't something like this work? if (preg_match('~^(?:.+[.])?paypal[.]com$~i', gethostbyaddr($_SERVER['REQUEST_ADDR'])) > 0) { // request came from PayPal, it's legit. } Iff we can trust the server to correctly resolve IPs, I assume we can trust PayPal POST requests, no?

    Read the article

  • Asp.net Security: IIdentity.IsAuthenticated default implementation.

    - by Pickels
    Hello Stackoverflowers, I am writing my own custom Identity class which implements IIdentity. I don't need to change the default method IsAuthenticated but so now I was wondering how does the default IIdentity determines if it should return true or false? I thought to find the answer in the FormsAuthenticationTicket I am using but not sure if that is correct. Thanks in advance, Pickels

    Read the article

< Previous Page | 41 42 43 44 45 46 47 48 49 50 51 52  | Next Page >