Info: In case you're not clear about the binding exploit

Previous Topic Next Topic
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
Report Content as Inappropriate

Info: In case you're not clear about the binding exploit

Marc Palmer Local

In case you're not on twitter, I wrote a short piece explaining in some more depth the announced binding exploit - in case you are unsure whether or not you need to be concerned about your app:


This is very important because there is scope for users to corrupt your singleton beans or change "simple type" values of your singletons. Grails has all the tools you need to prevent this, but you definitely need to your app's exposure to it.


~ ~ ~
Marc Palmer
Freelancer (Grails/Groovy/Java/UX)

I offer commercial support for Grails plugins from as low as $50/mo.
For details see: http://grailsrocks.com

Blog: http://www.anyware.co.uk | Resumé: http://www.anyware.co.uk/marc
Contributor @ http://grails.org |  Founder @ http://noticelocal.com
Developer @ http://weceem.org | Member @ http://spottymushroom.com
Twitter: http://twitter.com/wangjammer5 

To unsubscribe from this list, please visit: