This content has been marked as final.
Show 3 replies
-
1. how to verify war signature at runtime
nickarls Feb 15, 2011 5:31 AM (in response to javatwo)If someone gets as far as modifying files on your server, it's pretty much game over as he can undo most checks that you can do.
You could burn the checksum on a read-only media and have an external job check it every 5 minutes against the war and do a shutdown if it fails ;-)
-
2. how to verify war signature at runtime
javatwo Feb 16, 2011 1:25 AM (in response to nickarls)But I do not know which war to check because hacker can change war name.
-
3. how to verify war signature at runtime
nickarls Feb 16, 2011 1:49 AM (in response to javatwo)Hmm. Perhaps you could check the absolute path of a File handle to something inside the archive?
But like I said, if someone has shell access to your system it's pretty much game over.