[squeak-dev] smalltalk and Web stuff
Janko Mivšek
janko.mivsek at eranova.si
Sun Nov 23 13:13:16 UTC 2008
Philippe Marschall wrote:
>>>>>> AIDA/Web apps/websites are running as pure Smalltalk web presence, from
>>>>>> dynamic to static content, movies included. No Apache needed, Swazoo as
>>>>>> integral part of Aida is there to serve directly to the web.
>>>>> How do you bind port 80?
>>>> Running as a root. Danger for hackers to break into? Well, in Smalltalk
>>>> hardly :)
>>> Sorry but that's just not serious.
>> Definition of what is serious is very broad. Following blindly some "best
>> practices" is not serious for me as well. Having a right feeling for a
>> balance between many aspects of security, that's what I regard as a mature
>> seriousness.
> I have seen aritrary remote code execution vulnerabilities in Squeak
> in there is no telling of how many there are left.
Surely I'm not the only one who like to hear more concretely about those
vulnerabilities and how you can exploit them through the web.
Janko
--
Janko Mivšek
AIDA/Web
Smalltalk Web Application Server
http://www.aidaweb.si
More information about the Squeak-dev
mailing list
|