Switch to Linear ModeSwitch to Hybrid ModeSwitch to Threaded Mode
Printer Friendly View | Email this page | Register Now to start posting!
proyb2 M'mmmmm...

Join Date: Jun 2005
Posts: 17,915
Trade rep: 0 (100%)
Infractions: 0/0 (0)
What The Rails Security Issue Means For Your Startup proyb2 Feb 1st, 13, 10:41 PM #1

Not my blog, it's quite a comprehensive articles for RubyOnRail developers and also applicable for any web developers.
Disclaimer: I'm not in anyway suggested that RoR is a bad development tools. Security wise, I would still suggest having a secure CDN can reduce the zero-day attack to a minimum.

What The Rails Security Issue Means For Your Startup | Kalzumeus Software

January has been a very bad month for Ruby on Rails developers, with two high-severity security bugs permitting remote code execution found in the framework and a separate-but-related compromise on rubygems.org, a community resource which virtually all Ruby on Rails developers sit downstream of. Many startups use Ruby on Rails. Other startups don’t but, like the Rails community, may one day find themselves asking What Do We Do When Apocalyptically Bad Things Happen On Our Framework of Choice? I thought I’d explain that for the general community.
the Rails community has downplayed security with attitudes like this for years;

Get 20 years webhosting package less than 25-cents a month [100 Uptime]
Last edited by proyb2; Feb 1st, 13 at 10:47 PM..
Thread Tools Display Modes
Linear Mode Linear Mode