WEBrick DOS Security Flaw

R

Rob Muhlestein

Looks like WEBrick isn't ready for production, but then I think most
only use it with rails development, if not you may reconsider using in
any production capacity until this flaw is addressed.

http://rob.muhlestein.net/2006/12/webrick-security-flaw.html

To the "anonymous comment" person who posted:
Nice FUD. People have been building production Ruby apps for over 12
years. And doing quite well.

Are there still bugs in Ruby. Well, I guess so, but this is hardly
enough to "question the maturity" of the language.

WEBrick may not have been subject to enough scrutiny because no one ever
suggests using it in production.

First, you are right, that did sound like FUD toward Ruby and you are
right to point out that WEBrick is generally not recommended for
production. I've changed the blog post hopefully to not appear as FUD
toward Ruby itself, but it definitely is FUD for unsuspecting newbies who
might try to use WEBrick as a production web server (a big mistake imho
with the current state of WEBrick, but hopefully we can fix that).

BTW, I wouldn't be bothering with these posts and fix discussions if I
didn't want to see Ruby, Rails, and even WEBrick succeed.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Staff online

Members online

Forum statistics

Threads
473,734
Messages
2,569,441
Members
44,832
Latest member
GlennSmall

Latest Threads

Top