security

How to secure a web API for clients who distribute their application to unknown/unverified users?

How can I secure a webservice so my clients can use it on their applications without having to fear that their API keys will be used in other applications? ...

X.509 certificate based authentication with OpenSSL (without using sockets)

Hi, Is there an alternative in OpenSSL to SSL_set_connect_state()/SSL_set_accept_state() for X.509 certificate based authentication? The problem is that in my application the client and server do not communicate using sockets, and the establishment of direct connection between them is not possible. So what I want from OpenSSL is to 'e...

How to chroot Django

Can one run Django in a chroot? Notably, what's necessary in order to set up (for example) /var/www as a chroot'd directory and then have Django run in that chroot'd directory? Thank you - I'm grateful for any input. ...

If I encrypt something poorly and then with a strong cipher, is it secure?

Pretty pointless, but if I encrypt something with my own cypher (I'll assume it is wrong and bad) then encrypt it with something like AES or another known good cypher, would that data be safe? Logically I say yes because the top layer is secure. Does anyone know for sure? ...

Secure Webservice (WCF) without storing credentials on consumer application

Howdy folks, I have a customer that sells a lottery analysis application. In this application, he consumes a webservice (my service, I mean, belongs to the company I work for now) to get statistical data about lottery results, bets made, amounts, etc., from all across the globe. The access to this webservice is paid, and each consult co...

How do we protect our WordPress from hackers?

It can be applied not only to WordPress, but to all blog platforms that can be installed on a server and shared host. So, what do you do via PHP coding or plugin or any method to secure your installation? ...

Best approach to create a security environment in Java

I need to create a desktop application that will run third party code, and I need to prevent the third party code from exporting, by any way (web, clipboard, file IO), information from the application. Something like: public class MyClass { private String protectedData; public void doThirdPartyTask() { String unprotedtedData...

Is it possible to use HTTPS with OpenRasta?

Does anyone know if it is possible to use HTTPS with OpenRasta rather than plain HTTP? I need HTTPS so that sensitive information can be transferred without any risk. ...

Can you customize the Adobe Acrobat Reader "security warning"?

We need to insert a web beacon (I know, taboo) into Adobe PDFs to know when they are opened, as one of our clients is moving to a model of "giving" their documents away and following up repeat viewers for subscriptions. It's not enough to be able to provide a download, they want to attach the PDF to an email and "blast" to directed recip...

Is it possible to create a file with a given size and MD5 hash?

Of course I know it is possible to create a file with a certain size and how to do it. But is it possible to create a file with a certain size and also a certain MD5 fingerprint? ...

Run Java code on my own JVM

In another discussion, someone said something about running the Java code on its own JVM, which ignores SecurityManager. Is it possible? (And as easy as saying?) ...

Why is public key authentication preferred for automated scripts?

I found the following claim in the documentation for Net::OpenSSH: Note that using password authentication in automated scripts is a very bad idea. When possible, you should use public key authentication instead. What's flawed in using password authentication in automated scripts? ...

Java SecurityException when running applet on Firefox, Ubuntu

I would like to run an applet on Firefox 3.6 on Ubuntu 10.4, and I start Firefox with sudo on the command line to see the Java console output. My applet code changes some policies and it works fine on Windows. But on Ubuntu I get this error: java.lang.SecurityException: Changing the SecurityManager is not allowed. at net.sourceforge.jn...

In search of a packaged .Net security solution for web-forms.

We are looking for a security solution for ASP.NET that has security down to the control level. This is not a necessity, but it would be nice. At the very least it needs to be extendable to allow for control level permissions. The solution should have an administration panel of some sort. It also needs to support roles, groups, and indiv...

Win32: HtmlHelp doesn't work from a network share. What's the alternative?

Since 2005, when Microsoft prevented HtmlHelp functioning off a network share, e.g.: \\appserver\tos\PointScanner.exe \\appserver\tos\PointScanner.chm What are we supposed to do instead? (Given that the application is not installed locally.) To rephrase: What is Microsoft's intended, supported, out-of-the-box, help solution? ...

How to define PK & FK relationships using MVC Security Tables & Views using Linqtosql

I am trying to physically do the PK & FK relationships below using the MVC Security tables & Views to connect the logged-on (UserId, UserName & Email) to the Profile Table where I will save (FullName, TimeZone, Picture). I understand all the related coding but have been unable to use the Security View (vw_aspnet_MembershipUsers) properly i...

Best way for a remote web app to authenticate users in my current web app?

So a bit of background, I'm working on an existing web application which has a set of users, who are able to log in via a traditional login screen with a user name and password, etc. Recently we've managed to score a client (who have their own Intranet site), who are wanting to be able to have their users log into their Intranet site...

PHP security question?

I just wanted to know what are some basic PHP security techniques I should use when creating a web page that accepts articles? I'm fairly new to PHP and was wondering what will hold the fort down until I'm a security expert? ...

How to securely communicate with a database using a Java applet

I have been writing web applications for quite some time in PHP with MySQL. I always stored my database connection information in a configuration variable and connected to the database that way. A client wants a Java applet for their website to communicate with their database. I'm very hesitant on this because the applet is going to be...

Is it safe to put reference to current user in User model in Rails?

You know, I think I have to check current user in the model callbacks (like before_update), rather than rely solely on adding where ('something.user_id = ?', 'current_user.id') in the controllers. I need something like Thread.CurrentPrincipal in .NET. Is it safe to put reference to current user in User model? I'm sorry I don't really unde...