Ruby’s Big Flaw - Security Vulnerability
Now that everyone’s freaking out about the vulnerability in Ruby, I had to investigate what the deal was. Here is the list of links:
- Zed Shaw’s Rant - don’t just dismiss it. I found it to be the most informative and interesting since others really didn’t provide the “satisfying” details.
- Jeremy Kemper’s Official Rails Blog Entry - check out the comments.
- Eric Monti’s Code Sample - actual demonstration of the vulnerability.
- Peter Cooper’s Comprehensive Blog Post - this has it all.
Personally, I’m not too concerned as I’ve been doing “Paranoid Programming” for a long, long time, and I won’t lose sleep over this (read Zed’s rant before jumping all over me). HOWEVER, it doesn’t mean I’m going to sit here and do nothing. I’m upgrading to the latest patch to avoid any unseen mishaps.
I just wonder what this will do to the future of Ruby. This seems to be a major setback for those promoting Ruby in the Enterprise, since it’s the perception that matters, not the facts. Although I love Ruby as a language, I was always put off by those promoting Ruby as the “perfect” solution to everything. Let’s face it, there’s no such thing as a perfectly secure language/platform/OS.