Support digitally signing r-code and r-code libraries. Enforce that only signed code can execute. - OpenEdge Development - Products Enhancements - Progress Community

 OpenEdge Development

Support digitally signing r-code and r-code libraries. Enforce that only signed code can execute.

With the increase in security breaches out there, it is becoming a requirement that we be more security conscious and make sure we are in control of what is running on our systems.  We have to go through pen testing and security audits to ensure we are making the right decisions and keeping client data safe and secure.  Progress is lacking the ability to digitally sign your r-code and r-code libraries and the ability to ensure only signed code is executing in our applications.  I have to file for an exception with our auditor due to the lack of this ability in Progress.  Hopefully they will allow the exception, but it is a matter of time before the stop allowing it and require that we only allow digitally signed code on our applications.  Please add this to the list of items that are important for everyone's futures as application developers who are security minded.

Comments
  • +1

  • I am willing to discuss our need for this if you need more information or have any questions.

  • +1. We are getting internal auditor pressure to deliver this capability with our product.

  • +1

  • Could anyone from Progress give any feedback on this one? Any chance this could get on the road-map, as it gets more important every day...