On 10/11/2013 15:01, Νίκος Αλεξόπουλος wrote:
Στις 10/11/2013 3:49 μμ, ο/η Antoon Pardon έγραψε:
Op 10-11-13 11:32, Νίκος Αλεξόπουλος schreef:
Στις 10/11/2013 12:20 πμ, ο/η Chris Angelico έγραψε:
There are two major problems with
what you did here, Nikos, and they are:
1) Starting with a hopelessly insecure system and then trying to
band-aid patch it one vulnerability at a time, which is folly; and
2) Boasting that your system was now secure.
The main issue is the boasting, which is utterly unwarranted
arrogance.
,,,
Ha, ha ha!
I'm safe now!!
No breaks in this time!
You just can't help yourself, can you? I predict your database will
be broken in, within a week, after which you will plug one leak
and after an other day boast again about how secure your system is,
because you hadn't had a break in after your latest "fix".
It won't break again. 'page' variable cannot be manipulated by arbitrary
url strings no more.
This time is fixed for good.
Your predictions are wrong.
I'm not a gambling man, but I'd put my house on the fact that your site
is so insecure that even the little fingers of my team can get in.
--
Python is the second best programming language in the world.
But the best has yet to be invented. Christian Tismer
Mark Lawrence
--
https://mail.python.org/mailman/listinfo/python-list
