>>>>> On 2007-04-27 01:34 PDT, Adam Megacz writes:
Adam> I'd also like to add filedrawers (filedrawers.org)
Php code where "the source code is immature" according to the
website---doesn't exactly instill confidence in security.
Does its security simply rely on attempting to access files as
www-data/etc? What's AFS-specific about this app?
If the plan is to expose private files or write access, I don't
think the decision should be made lightly. There is a risk of XSS
vulnerabilities, cookie stealing, etc. unrelated to file system
authentication/authorization.
--
Karl 2007-04-27 03:51
_______________________________________________
HCoop-SysAdmin mailing list
[email protected]
http://hcoop.net/cgi-bin/mailman/listinfo/hcoop-sysadmin
