aspose file tools
The moose likes Ruby and the fly likes How does ruby deal with Security? Big Moose Saloon
  Search | Java FAQ | Recent Topics
Register / Login
JavaRanch » Java Forums » Languages » Ruby
Reply Bookmark "How does ruby deal with Security?" Watch "How does ruby deal with Security?" New topic
Author

How does ruby deal with Security?

Hans Klaren
Greenhorn

Joined: Aug 05, 2009
Posts: 7
posted private message
0
Quote
Hello mr. Cooper,

I was wondering, as ruby (with rails) does every database update and create (using scaffold) in the back (correct me if im wrong).
But how is f.e. SQL Injection handled, and other type of attacks?
(sorry for my bad english)

Regards Hans
Alaa Nassef
Ranch Hand

Joined: Jan 28, 2008
Posts: 460
posted private message
0
Quote
There's a good guide on securing ruby on rails applications here

Visit my blog: http://jnassef.blogspot.com/
Hans Klaren
Greenhorn

Joined: Aug 05, 2009
Posts: 7
posted private message
0
Quote
thank you! This might be interesting

regards
Peter Cooper
Author
Greenhorn

Joined: Jul 17, 2009
Posts: 25
posted private message
0
Quote
Firstly, your question is quite specific to Rails, I feel, rather than Ruby. There are many different database abstraction libraries for Ruby that have different ways (or even no ways!) of managing SQL attacks, but Rails uses ActiveRecord and the link presented above gives good information on that. Rest assured, though, with the latest version of Rails and using ActiveRecord properly (rather than manually building SQL) you're not particularly susceptible to SQL injection attacks.

Author of Beginning Ruby (Apress): http://bit.ly/t31ag
Editor of Ruby Inside and RubyFlow
 
I agree. Here's the link: http://ej-technologies/jprofiler - if it wasn't for jprofiler, we would need to run our stuff on 16 servers instead of 3.
 
subject: How does ruby deal with Security?
 
Similar Threads
How to use Ruby to write an http test client?
Ruby In Practice - Compare with Java
Webservices in Ruby
A few Ruby questions
AOP support in Ruby