J
James Britt
I have a friend interested in hosting ruby web sites (with apache, on I
believe redhat 7), using either mod_ruby or cgi (or perhaps both, at
user discretion). I've got him intersted in Ruby, and he wants some
assurnace that hosting others Ruby sites won't be a problem.
Aside from general site security (don't run apache as root, etc.) is
Ruby any more or less secure than, say, Perl or PHP?
Is mod_ruby inherently safer (or not) than CGI?
Can users be prevented from messing with $SAFE?
The sense I get from perusing past ruby-talk posts on the matter is
that, given proper site security, users may be at liberty to expose
their own sites to cracks, but the server as a whole would not be at
risk. Is this true? (It certainly *seems* that it should be so.)
Thanks; any pointers to general web site security appreciated as well.
James Britt
believe redhat 7), using either mod_ruby or cgi (or perhaps both, at
user discretion). I've got him intersted in Ruby, and he wants some
assurnace that hosting others Ruby sites won't be a problem.
Aside from general site security (don't run apache as root, etc.) is
Ruby any more or less secure than, say, Perl or PHP?
Is mod_ruby inherently safer (or not) than CGI?
Can users be prevented from messing with $SAFE?
The sense I get from perusing past ruby-talk posts on the matter is
that, given proper site security, users may be at liberty to expose
their own sites to cracks, but the server as a whole would not be at
risk. Is this true? (It certainly *seems* that it should be so.)
Thanks; any pointers to general web site security appreciated as well.
James Britt