On 8/15/06, Karl Guertin <[EMAIL PROTECTED]> wrote:
I think this is an extremely poor argument. If you trust Apache and consider the opportunity for SQL Injection, then it can be very secure. Of course Apache configurations can be too open, but overall, it is safe to say that Apache can be very secure.
Security:
JSP - don't know
PHP - poor (sqlinjection mostly)
I think this is an extremely poor argument. If you trust Apache and consider the opportunity for SQL Injection, then it can be very secure. Of course Apache configurations can be too open, but overall, it is safe to say that Apache can be very secure.
RoR - finally large enough for security issues to work their way out,
first security patch just issued, so I'd say ok or good
Django - too new to say, expected good, it's been running on LJW for a
few years and I've never seen a mention on the list of any issues
TG - too new to say, expected good, most of the components have been
in production for a few years
I haven't seen stability complaints in any of these frameworks. For TG
stability has been fine for me for the past couple months, there was
one intermittent issue running in dev mode back in Feb/March but I
haven't noticed anything since.
Seeing as most of these frameworks all run behind some other web server (lighttpd, Apache/Tomcat), security really becomes a question of how well a person defends against threats. I am not a very security conscious person, but overall application security is really the duty of the developer and not the platform or framework.
Good Luck!
Eric
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "TurboGears" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at http://groups.google.com/group/turbogears
-~----------~----~----~----~------~----~------~--~---
