Re: Security Review

2010-07-26 Thread Sergej dergatsjev eecho
2010/7/26 Craig Younkins :
>> "As far as I can determine, only badly-written user code could result in
>> SQL injection."
>
> And with that statement you define the world of application security. Nearly
> all the exploits and vulnerabilities we see are not because the security

Re: Security Review

2010-07-26 Thread Alex Gaynor
On Mon, Jul 26, 2010 at 2:57 PM, Jacob Kaplan-Moss wrote:
> Hi Craig --
>
> Once again, thanks for this work; I can see it paying off big. And I
> know you know this, but for the benefit of anyone else reading this
> thread:
>
> **PLEASE report any security issues — potential

Re: Security Review

2010-07-26 Thread Jacob Kaplan-Moss
Hi Craig --

Once again, thanks for this work; I can see it paying off big. And I know you know this, but for the benefit of anyone else reading this thread:

**PLEASE report any security issues — potential or otherwise — to secur...@djangoproject.com.**

(More on our security policy:

Security Review

2010-07-26 Thread Craig Younkins
At Python Security [1] we are beginning to turn our focus towards an in-depth but informal review of Django. Below is an excerpt from the email [2] I sent to our mailing list: [4] is the wiki page for Django. As you can see, we already have a bunch of information. In particular, I've taken a look