如果不谨慎地控制谁对文件系统有写访问权限,用户只需手工编辑配置文件,就可以破坏产品的安全性控制(比如审计)。
If you do not carefully control who has write access to the file system, a user can subvert the product security controls (such as auditing) by simply hand editing the configuration files.
例如,对于队列,使用一个MQQUEUE概要文件来控制对该队列的访问,但是mqadmin类中的其他概要文件用于控制上下文和用户安全性。
For example, for a queue, an MQQUEUE profile is used to control MQI access to the queue, but other profiles in the MQADMIN class are used to control context and alternate user security.
若要创建启用了安全性的配置文件,请在这里为该配置文件输入用户名和密码。
To create your profile with security enabled, enter a username and password for the profile here.
根据web. xml文件中指定的安全性约束,通常会定义一个或多个角色,这些角色的用户将拥有访问这些脚本的适当权限。
You would typically define one or more roles whose users would have the right the access the scripts depending on the security constraints specified in the web.xml file.
可以为应用程序资源(比如应用程序队列)定义命令资源安全性配置文件,以控制哪些用户能定义哪些队列。
You can define command resource security profiles for application resources, such as application queues, to control which users can define which queues.
虽然文本文件占用较少的磁盘空间,但数据库为广大用户提供更高的数据安全性、更轻松的数据访问和更好的可伸缩性。
Although text files take up less disk space, databases provide greater data security, easier access to the data, and better scalability for a large number of users.
另外,浏览后退的安全性非常不错,但是,如果你需要与更多的手机用户进行互动,最好的方式是设定专属时间段,并对CSS文件进行特别定义。
The security in backwards compatibility is nice, but if you’re looking to get the best response from the larger mobile audience it’s best to define specific CSS files for unique occasions.
与上下文安全性类似,如果您不打算使用替代用户安全性,那么可以定义一个UACC 为NONE 的backstop配置文件(CSQ1.ALTERNATE.USER.**),且不要向它授予任何用户访问权。
Similar to context security, if you do not plan to use alternate user security, define a backstop profile (CSQ1.ALTERNATE.USER.**) with a UACC of NONE and do not grant any users access to it.
Notes应用程序也应该安全地处理用户数据(ID文件和密码),因为这些用户数据是对安全性非常敏感的信息。
Your Notes application should also treat the user's data (ID file and password) securely as it is security-sensitive information.
可能您的代码需要缓存用户的设置或者一个临时数据文件,但是默认的安全性与允许网络部署代码访问这个文件系统。
Perhaps your code needs to cache user Settings or a temporary data file but the default security cannot allow network-deployed code to access the general file system.
这个程序可以让你存储你的各种密码,用户ID,密码锁等文件进行加密以增加安全性的列表。
This program lets you store a list of your various password, user ID's, combination locks, etc. The file is encrypted for added security.
您可以手动编辑策略文件,也可以使用代码访问安全性策略工具管理企业级别、计算机级别或用户级别的安全策略。
You can edit policy files by hand or you can use the Code Access Security Policy tool to administer security policy for the enterprise, machine, or user levels.
代码访问安全性使用权限来执行对资源的访问,因此,应考虑API是否使用文件、用户界面或线程处理,或者代码访问安全性是否允许公开受保护的信息。
Code access security USES permissions to enforce access to resources, so consider whether the API USES files, a user interface, or threading, or whether it exposes protected information.
通过定义这样的文件名,我可以管理它为任何数量的用户,而不必担心安全性(我必须完全配置谁可以访问密钥文件夹)。
By defining the file names like this, I can manage it for any number of users without have to worry about security (Ofcourse I've to perfectly configure on who can access the keys folder).
通过定义这样的文件名,我可以管理它为任何数量的用户,而不必担心安全性(我必须完全配置谁可以访问密钥文件夹)。
By defining the file names like this, I can manage it for any number of users without have to worry about security (Ofcourse I've to perfectly configure on who can access the keys folder).
应用推荐