Asp Forum
Home
|
Login
|
Register
|
Search
Forums
>
comp.lang.ruby
WEBrick DOS Security Flaw
Rob Muhlestein
12/29/2006 2:56:00 PM
Looks like WEBrick isn't ready for production, but then I think most
only use it with rails development, if not you may reconsider using
in any production capacity until this flaw is addressed.
http://rob.muhl...
/2006/12/webrick-security...
--
Rob Muhlestein
http://rob.muhl...
1 Answer
Rob Muhlestein
12/29/2006 7:27:00 PM
0
On Fri, 29 Dec 2006 09:55:59 -0500, Rob Muhlestein wrote:
> Looks like WEBrick isn't ready for production, but then I think most
> only use it with rails development, if not you may reconsider using in
> any production capacity until this flaw is addressed.
>
>
http://rob.muhl...
/2006/12/webrick-security...
To the "anonymous comment" person who posted:
>> The WEBrick pure Ruby HTTP server regrettably suffers from a rather
>> novice security flaw making me wonder about maturity of the Ruby and
>> Rails libraries in general
>
> Nice FUD. People have been building production Ruby apps for over 12
> years. And doing quite well.
>
> Are there still bugs in Ruby. Well, I guess so, but this is hardly
> enough to "question the maturity" of the language.
>
> WEBrick may not have been subject to enough scrutiny because no one ever
> suggests using it in production.
First, you are right, that did sound like FUD toward Ruby and you are
right to point out that WEBrick is generally not recommended for
production. I've changed the blog post hopefully to not appear as FUD
toward Ruby itself, but it definitely is FUD for unsuspecting newbies who
might try to use WEBrick as a production web server (a big mistake imho
with the current state of WEBrick, but hopefully we can fix that).
BTW, I wouldn't be bothering with these posts and fix discussions if I
didn't want to see Ruby, Rails, and even WEBrick succeed.
--
Rob Muhlestein
http://rob.muhl...
Servizio di avviso nuovi messaggi
Ricevi direttamente nella tua mail i nuovi messaggi per
WEBrick DOS Security Flaw
Inserendo la tua e-mail nella casella sotto, riceverai un avviso tramite posta elettronica ogni volta che il motore di ricerca troverà un nuovo messaggio per te
Il servizio è completamente GRATUITO!
x
Login to ForumsZone
Login with Google
Login with E-Mail & Password