During the design phase of this application, privacy was important enough to drive some of the architectural decisions. The level of privacy this application provides lets you work with a database and its data without any risk.
This is an open source application, so users can examine the implementation details. In addition, there is a policy of "Full and Public disclosure" that allows the application to be continuously improved once problems have been detected.
To ensure the data privacy that this application offers, it is recommended to download the official version, which can be found at https://sourceforge.net/projects/zemucan/files/.
This application may lead you to expose your data if it is recorded in the application's operation logs. Those logs are generated according to the logging configuration that was established. If logging is activated and configured to write to a file, remember to delete those files or store them in a safe place. The default logging configuration of the application does not record any sensitive information.
The same danger of exposing data exists with the record of executed commands, which is kept in the .history file on Unix/Linux (also .bash_history); you can view the content of this file with the history command.
db2 connect to dbName user john using doe
Here, the password is recorded in the log file. This practice must be avoided: type the command only up to the part ...user john, and let DB2 prompt for the password. That way, the password is not recorded in the log file.
db2 insert into cards values ("John", "Doe", "36457837182", "2009-04")
This command exposes a client's credit card information.
This problem exists in command-line shells (such as bash, zsh, etc.), in the DB2 console called clp (which also keeps a history of executed commands), and in this application. The recommendation is to clear the history log file whenever operations involving sensitive information have to be performed.
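As an added example (not part of Zemucan or the original page), the following bash function scans a history file for DB2 CONNECT commands that carry the password inline and prints them with the password masked, so you can see which entries need to be removed. The function names and the sample history are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example (not Zemucan code): report DB2 CONNECT commands in a shell
# history file that carry an inline password, printing them with it masked.

# scan_history FILE
# Prints "<line number>: <masked command>" per hit; returns 0 on hits, 1 if none.
scan_history() {
    awk '
    {
        low = tolower($0)
        # CONNECT TO <db> USER <name> USING <password>, matched case-insensitively
        if (match(low, /connect[ \t]+to[ \t]+[^ \t]+[ \t]+user[ \t]+[^ \t]+[ \t]+using[ \t]+/)) {
            head = substr($0, 1, RSTART + RLENGTH - 1)
            rest = substr($0, RSTART + RLENGTH)
            if (rest == "") next                 # USING with no value: nothing leaked
            sub(/^[^ \t]+/, "********", rest)    # mask only the password token
            printf "%d: %s%s\n", NR, head, rest
            hits++
        }
    }
    END { exit (hits ? 0 : 1) }
    ' "$1"
}

# Constructed sample history (not real data), mixing bash and zsh entry formats.
make_sample_history() {
    cat > "$1" <<'EOF'
ls -l
db2 connect to dbName user john using doe
db2 connect to dbName user john
: 1700000000:0;db2 CONNECT TO sample USER john USING s3cret
db2 "select count(*) from cards"
EOF
}

sample=$(mktemp)
make_sample_history "$sample"
scan_history "$sample" || echo "no inline passwords found"
rm -f "$sample"
```

The third sample entry, which stops at the user name and lets DB2 prompt for the password, is not reported.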
This application can record in the log files the structure of the database, including the instance's name, the databases, and their internal objects (tables, views, users, groups), as well as some external elements such as the file system structure or network structure.
For more information about the implementation of privacy, please see the privacy section of the latest stable version.
By default, the operation logs of this application are printed to the screen (they are sent to the standard output).
However, to help improve the software, a second type of log can be activated. This log writes data at a more detailed level to a file called sa.log, where sensitive information may appear.
If the default configuration has been modified, review the logging setup in the logback.xml file.
The execution of DB2 commands is delegated to the CLP console, which is responsible for checking the command. If you establish a connection, this application does not keep control of the active connection. For this reason, you can be sure that Zemucan cannot misuse established connections, because it does not know their state.
The last item is part of the application design; however, the implementation could have some modifications, and the focus could have changed as the application evolved. For this reason, please refer to the application's license: GNU LESSER GENERAL PUBLIC LICENSE (LGPL) Version 3.
This application is Open Source, which offers security to users because they can see its internal operation. There are no hidden parts.
This is the security given to users who use the official distribution. However, because it is Open Source, the application can be modified in ways that expose the user to attacks or backdoors. For this reason, it is recommended to use the latest official version.