2008/11/23 Janko Mivšek <janko.mivsek at eranova.si>:
> Philippe Marschall wrote:
>
>>>>> AIDA/Web apps/websites are running as pure Smalltalk web presence, from
>>>>> dynamic to static content, movies included. No Apache needed, Swazoo as
>>>>> integral part of Aida is there to serve directly to the web.
>
>>>> How do you bind port 80?
>
>>> Running as a root. Danger for hackers to break into? Well, in Smalltalk
>>> hardly :)
>
>> Sorry but that's just not serious.
>
> Definition of what is serious is very broad. Following blindly some "best
> practices" is not serious for me as well. Having a right feeling for a
> balance between many aspects of security, that's what I regard as a mature
> seriousness.

I have seen aritrary remote code execution vulnerabilities in Squeak
in there is no telling of how many there are left.

Cheers
Philippe