Actually, i see it as positive news. Someone tested GAE boxes, found some issues and reported it to Google. I am sure team at Google will deal with this as a matter of urgency.
I would advise Google to actually to contract that team to do full vulnerability test. On Friday, December 12, 2014 9:44:49 AM UTC, Drew Spencer wrote: > > I'm not usually the kind of person to shout "Fire!" too quickly, but I > have to admit this is worrying me. I wonder how serious these flaws are? > Getting out of the sandbox seems pretty big, but then I don't know much > about JVMs. > > > http://www.computerworld.com.au/article/562168/over-30-vulnerabilities-found-google-app-engine/ > -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/google-appengine. For more options, visit https://groups.google.com/d/optout.
