安全 Being paranoid with Ruby gems

hooopo · June 11, 2013 · Last by jasl replied at June 11, 2013 · 2605 hits

luikore #1 June 11, 2013

所以部署用 app 用户而不是 root, gem install 必须不 sudo ...

hooopo #2 June 11, 2013

#1 楼 @luikore 但是同样能干好多事情啊删除个 table 或 database 什么的

luikore #3 June 11, 2013

#2 楼 @hooopo CI 跑过测试的呀

hooopo #4 June 11, 2013

return if env["ci"]
do sth if env["production"]

luikore #5 June 11, 2013

#4 楼 @hooopo 好吧... 可以做个 bundler 查毒软件，市场前景应该不错...

hooopo #6 June 11, 2013

#5 楼 @luikore 要先放几只毒，然后查毒软件才能有市场

luikore #7 June 11, 2013

#6 楼 @hooopo 还能做 rubygems 认证中心，发布者花钱才给认证

jasl #8 June 11, 2013

@hooopo @luikore 警察叔叔，就是这两个人！

You need to Sign in before reply, if you don't have an account, please Sign up first.

Total 8 replies

Reward