Skip to content

{ Tag Archives } Ruby

YAML and Remote Code Execution

YAML’s security risks are in no way limited to Rails or Ruby. YAML documents should be treated as executable code and firewalled accordingly. Deserializing arbitrary types is user-controlled, arbitrary code execution.
It’s Not Just Ruby
A few weeks ago, I had a need to parse Jasmine’s jasmine.yml in some C# code. I spent some time looking at [...]

Also tagged , , ,

Columbus Give Camp

This past weekend I, along with around 50 other local geeks, volunteered three days of my time to build web applications for eight different Columbus-area nonprofits. Columbus Give Camp is based on a similar series of events in Michigan. The Columbus Give Camp was hosted by Quick Solutions, who, conveniently, are located five floors above [...]

Also tagged , , ,

Bad Behavior has blocked 713 access attempts in the last 7 days.

Close