[Nitro] Security problems

Rob Pitt rob at motionpath.com
Sat Nov 12 10:43:38 EST 2005


I have not noticed anything. I'm sure you are aware of SQL injection,  
anywhere that fragments of SQL queries have a user-specifiable  
component in some manner they must be quoted properly. This would be  
my main concern but I have not noticed anything that would cause this  
problem...

BTW on the note of commercial projects using Nitro, we have completed  
2, launched one and are working on a third :)

On 11 Nov 2005, at 08:41, George Moschovitis wrote:

> Dear devs,
>
> I am wondering if anyone has found (or can find) any security problems
> with Nitro. Moreover, If anyone can suggest any common security
> measures that could be wrapped in a controller helper/aspect I would
> like to know. Even urls for (authoritive) articles regarding web site
> security would be helpful.
>
> Thanks in advance,
> George.
>
>
> --
> http://www.gmosx.com
> http://www.navel.gr
> http://www.nitrohq.com
>
> _______________________________________________
> Nitro-general mailing list
> Nitro-general at rubyforge.org
> http://rubyforge.org/mailman/listinfo/nitro-general




More information about the Nitro-general mailing list