Re: WebDNA security

This WebDNA talk-list message is from

2004


It keeps the original formatting.
numero = 58991
interpreted = N
texte = Man, what can I say besides... the label "IT guy" seems to be handed out when you buy a piece of bubble gum these days. He's an idiot in my opinion... It comes down to how you administer your OS/webserver, how your code is written, and the goal of the level of security you want to obtain. The guy sounds like a control freak bubble gum purchaser. :-) (how can you know something is insecure if you've never heard of it?) Donovan Patrick McCormick wrote: > I sat through a meeting with an IT department at an insurance company > yesterday. The head of IT told the group that he had never heard of > WebDNA and that it was "...a weird, third-party, add-on" and further, > that he wouldn't even consider it for his web server because of all the > publicity PHP has received for its security flaws. > > Yes, the stench of self-preservation is one of very few constants in > business. > > One particular point that IT dude was trying to make is that simply > running WebDNA on a machine exposes that machine to hacking. I'm > wondering if anyone on the lise has had a security analysis done on a > running copy of WebDNA, possibly by an organization specializing in > security analysis. > > I think all of us recognize that the quality of our code has much more > impact on security than simply running a copy of WebDNA. But, separating > that code from the discussion, is there any information about the > security pros and cons of WebDNA versus alternatives? > > Thanks, > Pat McCormick -- =o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o DONOVAN D. BROOKE Eucalyptus Design <-Web Development (specializing in eCommerce), -> <-Graphic Design, and Pre-Press Consultation -> ADDRESS:> Donovan Brooke DBA Eucalyptus Design N2862 Summerville Park Rd. Lodi, WI 53555 PH:> 1.608.592.3567 Web:> http://www.euca.us =o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: WebDNA security ( Patrick McCormick 2004)
  2. Re: [OT] Security in general [Was] Re: WebDNA security ( Matthew A Perosi 2004)
  3. Re: WebDNA security ( Bob Minor 2004)
  4. Re: WebDNA security ( Larry Hewitt 2004)
  5. Re: WebDNA security ( Patrick McCormick 2004)
  6. Re: WebDNA security ( "Sal D'Anna" 2004)
  7. Re: [OT] Security in general [Was] Re: WebDNA security ( "WebDna @ Inkblot Media" 2004)
  8. Re: WebDNA security ( John Peacock 2004)
  9. Re: WebDNA security ( Donovan Brooke 2004)
  10. [OT] Security in general [Was] Re: WebDNA security ( Alan White 2004)
  11. Re: WebDNA security ( Alan White 2004)
  12. Re: WebDNA security ( John Peacock 2004)
  13. WebDNA security ( Patrick McCormick 2004)
Man, what can I say besides... the label "IT guy" seems to be handed out when you buy a piece of bubble gum these days. He's an idiot in my opinion... It comes down to how you administer your OS/webserver, how your code is written, and the goal of the level of security you want to obtain. The guy sounds like a control freak bubble gum purchaser. :-) (how can you know something is insecure if you've never heard of it?) Donovan Patrick McCormick wrote: > I sat through a meeting with an IT department at an insurance company > yesterday. The head of IT told the group that he had never heard of > WebDNA and that it was "...a weird, third-party, add-on" and further, > that he wouldn't even consider it for his web server because of all the > publicity PHP has received for its security flaws. > > Yes, the stench of self-preservation is one of very few constants in > business. > > One particular point that IT dude was trying to make is that simply > running WebDNA on a machine exposes that machine to hacking. I'm > wondering if anyone on the lise has had a security analysis done on a > running copy of WebDNA, possibly by an organization specializing in > security analysis. > > I think all of us recognize that the quality of our code has much more > impact on security than simply running a copy of WebDNA. But, separating > that code from the discussion, is there any information about the > security pros and cons of WebDNA versus alternatives? > > Thanks, > Pat McCormick -- =o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o DONOVAN D. BROOKE Eucalyptus Design <-Web Development (specializing in eCommerce), -> <-Graphic Design, and Pre-Press Consultation -> ADDRESS:> Donovan Brooke DBA Eucalyptus Design N2862 Summerville Park Rd. Lodi, WI 53555 PH:> 1.608.592.3567 Web:> http://www.euca.us =o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Donovan Brooke

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Re1000001: Setting up shop (1997) textarea question (1998) Linux WebDNA Server probs (2004) [subtotal] and others (1997) searchable list archive (1997) carriage returns in data (1997) WebCat preferences caching problem (2000) Clickable maps and WebCatalog? (1996) underscore in variable name (2000) ShowIf inside formulas (1997) quantity minimum problem (1997) [addlineitem] (1999) carriage returns in data (1997) RE: [WebDNA] v6.2 dependencies? (2010) Emailer [cart] file names (1997) Configuring E-mail (1997) WebCatalog can't find database (1997) using showpage and showcart commands (1996) Convert words (2002) Re[2]: Support suggestions - Response (2000)