July 2010
3 posts
Taint Mode For Python
Juanjo Conti has done some fantastic work for OWASP implementing a taint mode in Python through a library. Taint mode is a language feature that can highlight injection flaws by tracking the “taintedness” of variables as untrusted user input flows through the code. In taint mode, developers identify untrusted inputs, sanitization functions, and sensitive sinks. User input variables...
Thinking About Using exec? Think Again! →
web2py - A Framework That Cares About Security
A huge round of applause is in order for web2py because they care about security.
The web2py creators clearly kept security in mind from the design phase, and it shows in the end result. web2py is immune to many attacks on session management and routing because those components were designed with security in mind.
This underscores an important aspect of security in any application: Security...
June 2010
2 posts
Cloudsecurity.org Interviews Guido van Rossum:... →
A Challenge To Break Python Security →