Yes, we could probably end up doing a review, I¹m sure they wouldn¹t mind :).
On 2/7/16, 2:05 PM, "Christian Folini" <christian.fol...@netnea.com> wrote: >Good evening, > >On Sat, Feb 06, 2016 at 03:53:06PM +0000, Chaim Sanders wrote: >> This is very helpful, recently I've come to share in some views of the >>community that libinjection isn't the most well supported/reviewed of >>all the projects on github. Fortunately compared to many other projects >>it is quite small from a codebase perspective and as a result the attack >>surface isn't outrageous, and reviewing it is reasonable. That being >>said we NEED to continue to including other rules that suppliment >>libinjection in case of a bypass, which is what we do in v3.0.0-rc1 :) > >Chaim, I remember you stating, that you guys might be able to >help the libinjection project with a code review. Is this >still an option? I think it would be very helpful and fix a >sore spot. > >The fact that the codebase is of a reasonable size give me >hope. > >Ahoj, > >Christian > > >-- >Seek simplicity, and distrust it. >-- Alfred North Whitehead ________________________________ This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. _______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
