Re: [us...@httpd] Untainting module for Apache

2010-09-30 Thread J. Greenlees
J. Greenlees wrote: Nick Kew wrote: ~snip~ Either of those might find a use for it. Running it on a proxy has the advantage of being the first port of call, so long as nothing bad can come from behind the proxy. I guess that's a similar question to authentication at the proxy. The "what are

Re: [us...@httpd] Untainting module for Apache

2010-09-30 Thread J. Greenlees
Nick Kew wrote: ~snip~ Either of those might find a use for it. Running it on a proxy has the advantage of being the first port of call, so long as nothing bad can come from behind the proxy. I guess that's a similar question to authentication at the proxy. The "what are you protecting again

Re: [us...@httpd] Untainting module for Apache

2010-09-30 Thread Nick Kew
On 30 Sep 2010, at 18:23, Igor Galić wrote:

> Why not put it in svn in httpd's sandbox?

Hadn't 100% decided ...

>> http://people.apache.org/~niq/mod_taint.html
>> http://people.apache.org/~niq/mod_taint.c
>
> does it make more sense to use it on a reverse proxy or
> on the backend in question?

Re: [us...@httpd] Untainting module for Apache

2010-09-30 Thread Igor Galić
- Nick Kew wrote:

> mod_taint is a new module to apply Perl-style taint checking
> to untrusted data. It's a lot smaller and simpler than
> mod_security, but offers a useful tool to protect a range
> of applications.
>
> It's now up-and-running and working well for me, and ready
> for wider t

[us...@httpd] Untainting module for Apache

2010-09-30 Thread Nick Kew
mod_taint is a new module to apply Perl-style taint checking to untrusted data. It's a lot smaller and simpler than mod_security, but offers a useful tool to protect a range of applications. It's now up-and-running and working well for me, and ready for wider testing and feedback. I've put the m