the shell app @ http://shell.appspot.com/ - are there any security implications besides allowing users to use arbitrary quota resources (the url fetch in particular comes to mind)?
for example, could someone use the shell to retrieve someone else's session id? i'm looking at the code and it seems like the encapsulation of new.module is the extent of the separation between sessions. but i'm not sure to what extent new.module's encapsulation is hermetic. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en -~----------~----~----~----~------~----~------~--~---
