On Friday 25 September 2009 12:27:53 Simon Willison wrote: > Do you have any further information on the WordPress problems?
No, I can't find it. It might not have been WordPress. All I remember is that it was along the lines of what I outlined in my previous e- mail -- one part of the application was essentially allowing the user to retrieve MD5(secret_key + user_supplied_data) (might have been HMAC or SHA1), which allowed them to get past another bit of security. Luke -- "Smoking cures weight problems...eventually..." (Steven Wright) Luke Plant || http://lukeplant.me.uk/ --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/django-developers?hl=en -~----------~----~----~----~------~----~------~--~---
