by static_typed 4884 days ago
Finally someone else gets it.

Security is not solved by a gem install makerailsmadsecurer.

Security is a process, and it does not stop.

How many people install gems happily without really understanding what it actually permits? Especially when run as root? How many people understood the always-on YAML parser approach that has been responsible for some of the recent security issues in Ruby land?

Given it is possible to write secure software and frameworks, why don't we see this in Ruby land?
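The "always-on YAML parser" point above, illustrated with an added example that is not part of the original thread. It assumes a constructed class `AppConfig` and two constructed YAML documents: one that is plain data, and one carrying a `!ruby/object` tag that asks the parser to instantiate a Ruby object. A permissive load (Psych 3's `YAML.load`, or Psych 4's explicit `YAML.unsafe_load`) builds the object; `YAML.safe_load` restricts the result to scalars, arrays and hashes and raises `Psych::DisallowedClass` instead.

```ruby
require 'yaml'

# Constructed, harmless class standing in for any application object that
# could be reached through an untrusted YAML document.
class AppConfig
  attr_accessor :name
end

# Constructed inputs: plain data versus a document with a Ruby object tag.
PLAIN_DOC  = "name: app\nport: 8080\n"
TAGGED_DOC = "--- !ruby/object:AppConfig\nname: from-yaml\n"

# Permissive load: instantiates whatever class the tag names.
# Psych 4 (Ruby 3.1+) moved this behaviour to unsafe_load; Psych 3 exposed it
# as plain YAML.load, so pick whichever this interpreter provides.
def permissive_load(doc)
  YAML.respond_to?(:unsafe_load) ? YAML.unsafe_load(doc) : YAML.load(doc)
end

# Hardened load: only basic types are reconstructed; object tags are refused.
def strict_load(doc)
  YAML.safe_load(doc)
end

# Classifies how the hardened loader treats a document, so callers (or logs)
# can distinguish ordinary config from input that tried to name a class.
def classify(doc)
  value = strict_load(doc)
  value.is_a?(Hash) ? :plain_data : :other
rescue Psych::DisallowedClass
  :rejected_object_tag
end

if __FILE__ == $PROGRAM_NAME
  puts "permissive: #{permissive_load(TAGGED_DOC).class}"  # AppConfig
  puts "strict, plain: #{classify(PLAIN_DOC)}"             # plain_data
  puts "strict, tagged: #{classify(TAGGED_DOC)}"           # rejected_object_tag
end
```

The defensive choice here is to make `safe_load` the default path for any YAML that arrives from outside the process and to treat a `Psych::DisallowedClass` as a signal worth logging, since well-formed configuration never needs object tags.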