Reputation: 26142
Node.js security: protection from unauthorized change
Is it possible to host and run Node.js in some packed/signed state, to make unauthorized to change to application logic impossible for those who have an access to the server?
And make level of node.js application security acceptable for use for example in financial sector industries?
Upvotes: 1
Views: 207
Answers (1)
Reputation: 1423
Why wouldn't you just limit the user account access to now be able to access node?
Since node.js is such a new development technology the chances of it being used in financial sector are slim to none. New technologies mean high risk and that's the last thing anyone in the financial area needs. Most financials will go with Java from what I've seen.
Something that's compiled on the server is less likely to be tampered with: 1) Source code isn't readily available 2) Changes to the app usually require a restart 3) Compiled code is less likely to have injections, however there can be bugs and security flaws as well, but something like PHP is high risk if someone gets a hold of your .php file.
Upvotes: 1
Related Questions
- Node.js server side code protection
- Is a node process protected if its JavaScript files changes on the filesystem?
- Nodejs authorization approaches
- How to secure node js API
- node.js code protection
- Node.js File Security
- Ways to secure Server communication
- JavaScript, node.js and security
- Security in Node.JS Webserver