@postmodern_mod3 It's the usual problem with whitelisting vs. blacklisting.
-
-
-
Replying to @postmodern_mod3
@postmodern_mod3 no, because it gives a false sense of security? "we use tainting, we are safe" not so.1 reply 0 retweets 0 likes -
Replying to @whitequark
@whitequark$SAFE = 1 does not give a false sense of security. It stops tainted data from being passed to eval/system.2 replies 0 retweets 0 likes
Replying to @postmodern_mod3
@postmodern_mod3 @whitequark $SAFE doesn't work with JRuby or Rubinius, and you should really do $SAFE = 4
1:14 PM - 11 Mar 2013
0 replies
1 retweet
0 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.