[BangPypers] [ANN][X-Post] SciPy India conference in Dec. 2009
Noufal Ibrahim
noufal at gmail.com
Sat Oct 10 07:16:49 CEST 2009
0 day Django exploit in the wild - http://news.ycombinator.com/item?id=872533
http://www.djangoproject.com/weblog/2009/oct/09/security/
Fixed rather quickly but found rather late. One of the reasons is
probably because of the comparatively smaller user base. If Django had
the same number of users as Drupal, I expect a lot more to be visible.
Also, I don't think that merely *using* PHP means that your site is
less secure. That's a tad too simplistic for my tastes. And I'm also
willing to bet that if I did have to use PHP, using something like
Drupal would be a lot more secure than deploying a home brew CMS.
There was a time when I used to maintain my entire website on my local
machine as a bunch of text files using Muse for Emacs. Make edits as I
wanted and then 'publish' the site. Not exactly cutting edge tech. and
not very flexible but I'm guessing that static HTML pages have better
security records than Django and Drupal. :)
--
~noufal
http://nibrahim.net.in
More information about the BangPypers
mailing list