Good evening, On Sat, Feb 06, 2016 at 03:53:06PM +0000, Chaim Sanders wrote: > This is very helpful, recently I've come to share in some views of the > community that libinjection isn't the most well supported/reviewed of all the > projects on github. Fortunately compared to many other projects it is quite > small from a codebase perspective and as a result the attack surface isn't > outrageous, and reviewing it is reasonable. That being said we NEED to > continue to including other rules that suppliment libinjection in case of a > bypass, which is what we do in v3.0.0-rc1 :)
Chaim, I remember you stating, that you guys might be able to help the libinjection project with a code review. Is this still an option? I think it would be very helpful and fix a sore spot. The fact that the codebase is of a reasonable size give me hope. Ahoj, Christian -- Seek simplicity, and distrust it. -- Alfred North Whitehead _______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
