*sigh*

Users putting scaffold into production deserve what they get. It's the same where you have 'eval' in any language: security is the job of the developer, every one.

Oh and btw: Rails is a framework.

TO BE CLEAR. DRUPAL, WIKIS, PHPBB ARE NOT.

That you don't understand this distinction is telling.

- - james


On 21 Apr 2007, at 10:06, Gordon Joly wrote:


Twitter, Ruby on Rails redux.

Perhaps one more issue? Security.

There is an accelerating trend to frameworks and other CMS systems for user generated content (wikis, Zope, Drupal, Ruby on Rails, etc). Applications with a database backend (e.g. phpBB) can be installed by Fantastico (cPanel) in seconds and Mediawiki also has a simple web interface for installation.

I saw the light in 2004 when Jimbo visited the BBC and gave a public talk in London):-

http://en.wikipedia.org/wiki/User:Jimbo_Wales/BBC_talk_slides

Can I add   "Wikipedia is not a place for cricket statistics" ?

Each framework presents security issues. Mediawiki is now robust, and if you take care, bogus advertising links and other bad stuff can be avoided.

Socialtext? Yup, that too. I found a very dirty set of pages, clogged with links to mortgages and various medications. It had not been spotted by the admins, and I was accused of generating the bad stuff in question myself, since nobody could see the links (they were hidden in the user generated tags).

I also tried to clean up an installation of phpBB (bulletin board) recently but in the end gave up since there were more bogus users than bona fide users.

Scaffold anyone?

Gordo

--
"Think Feynman"/////////
http://pobox.com/~gordo/
[EMAIL PROTECTED]///
-
Sent via the backstage.bbc.co.uk discussion group. To unsubscribe, please visit http://backstage.bbc.co.uk/archives/2005/01/ mailing_list.html. Unofficial list archive: http://www.mail- archive.com/backstage@lists.bbc.co.uk/

--

James Cox,
Internet Consultant
t: 07968 349990  e: [EMAIL PROTECTED] w: http://www.imajes.info/



Reply via email to