2010/7/26 Craig Younkins :
>> "As far as I can determine, only badly-written user code could result in
>> SQL injection."
>
> And with that statement you define the world of application security. Nearly
> all the exploits and vulnerabilities we see are not because the security
>
On Mon, Jul 26, 2010 at 2:57 PM, Jacob Kaplan-Moss wrote:
> Hi Craig --
>
> Once again, thanks for this work; I can see it paying off big. And I
> know you know this, but for the benefit of anyone else reading this
> thread:
>
> **PLEASE report any security issues — potential
Hi Craig --

Once again, thanks for this work; I can see it paying off big. And I
know you know this, but for the benefit of anyone else reading this
thread:

**PLEASE report any security issues — potential or otherwise — to
secur...@djangoproject.com.**

(More on our security policy:

At Python Security [1] we are beginning to turn our focus towards an
in-depth but informal review of Django. Below is an excerpt from the email
[2] I sent to our mailing list:
[4] is the wiki page for Django. As you can see, we already have a
bunch of information.
In particular, I've taken a look