Stories
Slash Boxes
Comments
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

use Perl Log In

Log In

[ Create a new account ]

merlyn (47)

merlyn
  merlyn@stonehenge.com
http://www.stonehenge.com/merlyn/
AOL IM: realmerlyn (Add Buddy, Send Message)
Yahoo! ID: realmerlyn (Add User, Send Message)

PAUSE-ID: MERLYN [cpan.org].
See my home page [stonehenge.com].

Journal of merlyn (47)

Monday September 10, 2007
10:34 AM

Excuse for lack of security

[ #34405 ]

Often, when I warn of security concerns for newbie web programmers, they retort "but I don't have anything of value... it's just my blog, so I don't care".

The point is, they have a server. It's a potential spamming location, or anonymous platform from which to launch more dangerous attacks. What they have is net and CPU. That's useful to someone.

Maybe there should be some sort of license before you're allowed to expose a web server to the public net. {sigh}

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
 Full
 Abbreviated
 Hidden
More | Login | Reply
Loading... please wait.
  • ...when I would have disagreed with you :). Spending the last few years as a syadmin have opened my eyes, however. If I ran an ISP that provided webspace of any kind, I'd have a code review team that would have to approve the code before the users can upload something potentially dangerous. Sounds kinda harsh and big brother like, but I see it as protecting my other users, and my investment in bandwidth & hardware. If you want to throw up your own code and don't care about what happens, get your own
    --

    --
    A conclusion is simply the place where someone got tired of thinking.