Re: [web2py] Re: web2py and security
I am not too active or up to date on security, I assume you already looked at: http://www.web2py.com/book/default/chapter/01#Security and at the end of the section it referenced generic python security here: http://www.pythonsecurity.org/ Rufus On 2/11/2015 8:23 AM, James O' Driscoll wrote: Rufus, I am asking how to configure web2py for maximum security. I am not an expert either but you cannot be too careful. I am just looking for general good sources of info. Regards, James On Sunday, November 23, 2014 at 6:55:52 AM UTC+10, Rufus wrote: What aspect of security are you concerned about? Are you asking how to configure web2py for maximum security? Are there aspects of the security model you feel need boosting? Have you read the manual about web2py and security? I'm not an expert, but as I understand it, security was one of the prime design goals of web2py. On Wednesday, November 19, 2014 8:42:12 PM UTC-5, James O' Driscoll wrote: Are there any good resources on how to boost the security of web2py. Regards, James -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to a topic in the Google Groups web2py-users group. To unsubscribe from this topic, visit https://groups.google.com/d/topic/web2py/0sHTAb54xqM/unsubscribe. To unsubscribe from this group and all its topics, send an email to web2py+unsubscr...@googlegroups.com mailto:web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout. -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups web2py-users group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [web2py] Re: web2py and security
On Wednesday, February 11, 2015 at 8:07:10 AM UTC-8, Rufus wrote: I am not too active or up to date on security, I assume you already looked at: http://www.web2py.com/book/default/chapter/01#Security and at the end of the section it referenced generic python security here: http://www.pythonsecurity.org/ Rufus Also, back in August Massimo posted this: About security (a). You cannot beat the security of web2py. Friday I am giving a talk at OWASP in Orange County about this. I will post slides. The University where I teach was one of the first in the country to receive a certificate of excellence from the NSA. This was not about web2py but this is to say we are security experts. URL:https://groups.google.com/d/msg/web2py/jao7o735bBM/YtFeclUntwcJ Also note that web2py takes care of several security issues that other environments leave to the individual developer, who might not be trained to think of security issues. (OWAPS-OC is a local chapter of *The Open Web Application Security Project *. You might see if you have a chapter in your area, or browse for their materials. The chapter link is URL:http://www.meetup.com/OWASP-OC/) /dps -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups web2py-users group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[web2py] Re: web2py and security
Rufus, I am asking how to configure web2py for maximum security. I am not an expert either but you cannot be too careful. I am just looking for general good sources of info. Regards, James On Sunday, November 23, 2014 at 6:55:52 AM UTC+10, Rufus wrote: What aspect of security are you concerned about? Are you asking how to configure web2py for maximum security? Are there aspects of the security model you feel need boosting? Have you read the manual about web2py and security? I'm not an expert, but as I understand it, security was one of the prime design goals of web2py. On Wednesday, November 19, 2014 8:42:12 PM UTC-5, James O' Driscoll wrote: Are there any good resources on how to boost the security of web2py. Regards, James -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups web2py-users group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[web2py] Re: web2py and security
What aspect of security are you concerned about? Are you asking how to configure web2py for maximum security? Are there aspects of the security model you feel need boosting? Have you read the manual about web2py and security? I'm not an expert, but as I understand it, security was one of the prime design goals of web2py. On Wednesday, November 19, 2014 8:42:12 PM UTC-5, James O' Driscoll wrote: Are there any good resources on how to boost the security of web2py. Regards, James -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups web2py-users group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.