Loosely, yes. The object in memory is what needs to be checked, though, not the object as it's stored on the hard disk.You want to make something like an md5sum of a compiled method?
Unfortunately, the aim is to ensure that a certain server-side script is being accessed by a clean, untampered applet. Thus, if I don't have a check on the object in memory, all other checks could be rendered useless.You could read the class-File and check that, or decompile it first, and then check.
No, just the once.What if the method is calling another method - do you need to check that recursively?
Twey
I may be barking up completely the wrong tree here; there may be a very easy way to do this. I don't know.
Tony Morris
Java Q&A (FAQ, Trivia)
Twey
Unfortunately, the aim is to ensure that a certain server-side script is being accessed by a clean, untampered applet. Thus, if I don't have a check on the object in memory, all other checks could be rendered useless.
Twey
Originally posted by Christopher Robinson:
MITM attacks were something I hadn't even considered, and I don't think I will; I doubt anyone would go to that much trouble to tamper the data. No, I'm more concerned about someone simply sending data to the server-side script; I want to ensure that the data comes from this applet, and that the applet itself hasn't been tampered with in any way.
Tony Morris
Java Q&A (FAQ, Trivia)
Twey
Originally posted by Christopher Robinson:
I have a CGI script on the server which will save some data to a database. However, I want to ensure that this data originates with the applet, and not just someone telnetting in and submitting a POST request. I also want to ensure that the applet itself (not the data; I do recognize the need for protecting this too, but that's a topic for another question) has not been tampered with (I.E. decompiled and edited).
Tony Morris
Java Q&A (FAQ, Trivia)
Twey
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime. |