Tomcat Developers, I'm early in some research focusing on software analyses, specifically those related to data security. As a part of this work I'd like to show through the theory and application that there is in fact no way for protected information to "leak" out from that code designated to handle the protected information. Passwords would definitely be protected as would, perhaps, the code segments designed to manipulate the passwords.
While I understand that the libraries and extensions used by Tomcat *should* provide that assurance, what would happen if someone inadvertently wrote some code that could create a new object with rights never intended by developers? My question really is whether or not the development community considers the particular question interesting or relevant, as I look at Tomcat as a possible test case for my analysis. David --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
