Comment: Re:I've been saying it for years. (Score 1) 117

by cout (#42534859) Attached to: Ruby On Rails SQL Injection Flaw Has Serious Real-Life Consequences

I think your position is a reasonable one.

However, it's not particularly relevant to the security hole. The bug has to do with deserialization of parameters rather than SQL specifically; the SQL injection exploit is but one possible exploit of the bug.

Moreover, it's not inconceivable (likely, in fact) that other bugs of the same class exist in projects other than Rails. Avoiding Rails altogether doesn't protect you from this class of bug.

Money is the root of all evil, and man needs roots.