Hi Paul, Thanks for your feedback. Good to hear you do not expect any major issues. Nevertheless, I fear your encuraging words will not convince my security officer straight away ;) Should anything pop up I'll share that within this community.
Cheers, Niels On 01/18/2011 02:22 AM, Paul Lindner wrote: > I am not aware of any specific security audits for Shindig. I've done > informal reviews internally and there hasn't been anything specific > that comes up. > > Most of the issues will probably involve how well you manage the > business logic mappings for the various shindig handlers. In this > case there's a lot of policy variation so I would conclude that any > security review would probably not be of much use. > > > On Tue, Jan 11, 2011 at 7:20 AM, Niels van Dijk > <[email protected]> wrote: >> Hi All, >> >> We are going to deploy a shindig 2.0 based platform very soon. As part >> of the deployment we need to do a security audit. >> >> I was wondering if anyone had already done that already and if the >> results of that audit are available somewhere. I can imagine that some >> results may be confidential, but I also think several recommendation >> might be more generic for Shindig, and not for the local setup. I would >> also be intrested in Shindig 1.x audits to have some sort of reference. >> >> many thanks! >> Niels >> > >
