Yeah, are the OWASP guidelines any good here? http://owasp.cvs.sourceforge.net/*checkout*/owasp/guide/current%20draft.pdf
I'd be happy to assist with any work towards creating functionality to harden the framework :) Lee Bolding w: http://www.leesbian.net -----Original Message----- From: [email protected] [mailto:[EMAIL PROTECTED] On Behalf Of Ant Cunningham Sent: 17 January 2008 19:47 To: [email protected] Subject: [symfony-users] Re: Listing your page as using symfony a security issue? On 1/17/08 2:34 PM, "Fabian Lange" <[EMAIL PROTECTED]> wrote: > And what about building in more security by default? > > e.g. accepting just localhost connections by default in the _dev frontends > (which have to be consciously be modified to enable remote logins?) > I think this is a great idea. Taking it a step further it would be if there was a built in mechanism to allow access to the dev by ip as well easily within the configuration. Its not a big hassle to code yourself but itd be nice if all you had to do was flip a cute little yaml switch :-) -ant --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~----------~----~----~----~------~----~------~--~---
