[Seaside] out of box security on seaside 3.0...?
Julian Fitzell
jfitzell at gmail.com
Tue Jul 6 17:04:08 UTC 2010
On Tue, Jul 6, 2010 at 10:43 AM, stephane ducasse
<stephane.ducasse at free.fr> wrote:
>
> On Apr 22, 2010, at 11:50 PM, Lawson English wrote:
>
>> Hey all, I am told that there are differences in default security between 2.8 and 3.0. A friend managed to crack 2.8 in many different ways by forcing things into the default debugger mode and then issuing 1-line smalltalk commands in the debugger workspace pane.
If you have any of the development tools loaded (or at least active)
you certainly do not have a secure system. In 2.8 the best you could
easily do is disable them. In 3.0 you have the option of completely
unloading (or never loading in the first place) the packages.
Julian
More information about the seaside
mailing list