Let's try some scenarios and if those can be pulled out then I'd say it's
safe to assume this is an issue:
1. Upload a webshell (in a war, php, asp[x], jsp or similar file) and have
it executed by YouTube;
2. Upload a malicious file (pdf, swf, jar or similar file which exploits a
known or unknown
This is one of the most fun threads I've read in fd, and that's no small
feat. Thanks for the laughs.
On Fri, Mar 14, 2014 at 3:00 PM, Nicholas Lemonias.
lem.niko...@googlemail.com wrote:
The full-disclosure mailing list has really changed. It's full of lamers
nowadays aiming high.
On
Not including proper input validation and error handling in code samples is
one of the most common and harmful practices in the software development
industry -- doing it is not optional or advanced, it is mandatory
unless you want to be pwned.
Developers need to start doing things properly from
On 6 Mar 2013 10:41, Ulisses Montenegro ulisses.montene...@gmail.com
wrote:
Not including proper input validation and error handling in code samples
is one of the most common and harmful practices in the software development
industry -- doing it is not optional or advanced, it is mandatory
Google Docs is your friend here:
https://docs.google.com/gview?url=http://some.server/path/whatever.pdf
Of course it is a matter of time before someone is exploiting that, but the
attack surface is still way smaller than running a PDF viewer on your
machine, potentially under a user identity
If I understand the OP correctly, he is not stating that listing something
in robots.txt would make it inaccessible, but rather that Google indexes
the robots.txt files themselves, and makes the contexts of those available
for query. So, in a way, they make it easier for Google search results
I'm not a big fan of IDEs for dynamically typed languages, but if I had to
choose one I'd go with Komodo:
http://www.activestate.com/komodo-ide/features
It's multiplatform (don't know about how licenses work when using it across
platforms), reasonably fast and offers lots of extra goodies aside
On Fri, Feb 18, 2011 at 3:40 PM, Charles Morris cmor...@cs.odu.edu wrote:
I am very aware I must compromise this belief when working in the market,
like most of my other beliefs and morals, and I do so daily.
Then I go home and cry myself to sleep.
Charles
One of the most insightful, even