Security audit and internal training

[prioux]

All devs should read these documents, then we should do a new security audit of the entire code base. The last one was too long ago.

http://guides.rubyonrails.org/security.html

http://phrack.org/issues/69/12.html#article

[crocodoyle]

The second link is not working, do you have a cached version of the article you could post?

[prioux]

Yeah, looks like the site for phrack has been blocked or is down. It's good that I have a copy of the article. It's plain text. I'll not post it here, ask me tomorrow.