Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

The ease of the "just put it on the filesystem and it can be run!" system also opens up security vulnerabilities when people want to enable file uploads, for instance. I think the proliferation of places you can put configuration for the runtime is also a potential source of issues, as are various forms of string escaping that should be avoided.


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: