On Sun, Apr 21, 2002 at 01:06:28PM +0200, F. Xavier Noria wrote: > On Sun, 21 Apr 2002 10:50:53 +0100 > Matthew Byng-Maddick <[EMAIL PROTECTED]> wrote: > : On Sun, Apr 21, 2002 at 03:16:53AM -0400, Sam Tregar wrote: > : > SOAP::Lite module to be of excelent quality and the SOAP::Lite community > : > to be very helpful. > : Apart from the obvious security bug, you mean? The one where it doesn't > : actually restrict what remote code can be run at all? > SOAP::Lite 0.55 was released some days ago, it addresses that issue > according to > http://www.soaplite.com/
I'm aware of this, but I can't stress the importance of reviewing such security-critical code. And the "excellent quality" of the code that was mentioned by Sam Tregar in his post. RPC often is a nightmare security-wise, the SOAP::Lite bug illustrates the problems perfectly. MBM -- Matthew Byng-Maddick <[EMAIL PROTECTED]> http://colondot.net/
