WebApp Sec: Re: secure storage of sensitive data in J2EE

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

WebApp Sec mailing list archives

Re: secure storage of sensitive data in J2EE

From: Richard Moore <rich () westpoint ltd uk>
Date: Wed, 09 Feb 2005 16:13:17 +0000



Ashish Popli wrote:

Cant we simply force garbage collection when you are done using the object?
Here is a link.
http://java.sun.com/docs/books/tutorial/essential/system/garbage.html


Unfortunately, AFAIK this doesn't guarantee that all objects that
could possibly be collected /will/ be collected. To check the
behaviour for your JVM/app you can use the -verbose:gc of the java
binary. It's also worth checking if you are using flags like
-Xnoclassgc too.

Cheers

Rich.
--
Richard Moore, Principle Software Engineer,
Westpoint Ltd,
Albion Wharf, 19 Albion Street, Manchester, M1 5LN, England
Tel: +44 161 237 1028
Fax: +44 161 237 1031

By Date By Thread

Current thread:

Re: secure storage of sensitive data in J2EE, (continued)
- RE: secure storage of sensitive data in J2EE Benjamin Livshits (Feb 09)