Win a copy of Design for the Mind this week in the Design forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

How does ruby deal with Security?

 
Hans Klaren
Greenhorn
Posts: 7
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello mr. Cooper,

I was wondering, as ruby (with rails) does every database update and create (using scaffold) in the back (correct me if im wrong).
But how is f.e. SQL Injection handled, and other type of attacks?
(sorry for my bad english)

Regards Hans
 
Alaa Nassef
Ranch Hand
Posts: 471
Hibernate Mac OS X Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
There's a good guide on securing ruby on rails applications here
 
Hans Klaren
Greenhorn
Posts: 7
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
thank you! This might be interesting

regards
 
Peter Cooper
Author
Greenhorn
Posts: 25
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Firstly, your question is quite specific to Rails, I feel, rather than Ruby. There are many different database abstraction libraries for Ruby that have different ways (or even no ways!) of managing SQL attacks, but Rails uses ActiveRecord and the link presented above gives good information on that. Rest assured, though, with the latest version of Rails and using ActiveRecord properly (rather than manually building SQL) you're not particularly susceptible to SQL injection attacks.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic