Auteur: Simon Lange Datum: Aan: 'Richard Welty', exim-users Onderwerp: AW: AW: [Exim] eximon usage
> On Thu, 29 Jan 2004 15:50:00 +0100 Simon Lange > <sl@???> wrote:
> > > one which is well known (_not_ one that i found) is the
> session id
> > > problem with the verizon wireless web site.
> > the technology is still save but the responsible admin there has an
> > issue...
> er, no. the design of the app was flawed.
>
> there are certain common design errors that are made in web
> apps by developers who are not security minded. they are the admin is responsible since its HIS job to ensure that security issues
are respected by developers. however but even if you blame the developer of
the app that does still say that the technology is safe.
you cannot blame apache/mysql/posix/linux for mistakes by humans,
incompetent technical project managers and unexperienced admins/developers.
:D
> repeated time and time again. sometimes they aren't too hard
> to fix. sometimes they can be incredibly expensive to fix.
> they can be made in any environment once i had such a greenhorn as developer in my project. he made a logon
function which i could "break" on the paper within seconds. imagine what
would happened if he had used his function for the customer... argh (a large
german pharma company)