aspose file tools*
The moose likes Struts and the fly likes DMI problemas and issues Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Frameworks » Struts
Bookmark "DMI problemas and issues" Watch "DMI problemas and issues" New topic
Author

DMI problemas and issues

Matheus Mendes
Ranch Hand

Joined: May 15, 2007
Posts: 66
Hi Guys !

Recently an issue relating to DMI was related in struts security bulletins, the following links show what I'm talking about:
http://struts.apache.org/release/2.3.x/docs/s2-019.html
http://struts.apache.org/release/2.3.x/docs/s2-018.html

I'm refactoring my Java application, and I saw that It is heavily based on DMI. My question is, what is the security flaw that I could be exposed ?

Thinking that DMI will just expose my public Action methods, one way or another It is already exposed in my application. I'm wondering if I'm being too simplistic and forgetting some blind spot that could lead me into real security issues.

[]s


The Death of one is a tragedy, but the Death of a million is just a statistic. Joseph Stalin

SCJP 6.0, SCJD
 
wood burning stoves
 
subject: DMI problemas and issues