The code-security tag has no wiki summary.
6 votes, 7 answers, 695 views
How safe & trustworthy are hosting sites such as sourceforge, github or bitbucket for closed-source projects?
I am considering using sourceforge, bitbucket or github for managing source control for my business. I have open projects and I participate in open projects such as gcc. But I also have a business ...
0 votes, 0 answers, 21 views
Are Spring SpEL security issues fixed and can it be considered safe?
I have heard about Spring SpEL security and access control issues. The answer to this SO question describes a true issue allowing injection and access to restricted data.
Has it been fixed? Is it ...
0 votes, 1 answer, 838 views
Why are WordPress sites so easily hacked? [closed]
I have found that hackers can easily hack WordPress sites.
I have found these posts related to WordPress site hacking.
1) http://wordpress.org/support/topic/website-hacked-3
2) ...
0 votes, 4 answers, 146 views
Is there a way to check if redistributed code has been altered?
I would like to redistribute my app (PHP) in a way that the user gets the front end (presentation) layer which is using the API on my server through a web service.
I want the user to be able to alter ...
2 votes, 4 answers, 347 views
What are some good interview questions for a position that consists of reviewing code for security vulnerabilities?
The position is an entry-level position that consists of reading C++ code and identifying lines of code that are vulnerable to buffer overflows, out-of-bounds reads, uncontrolled format strings, and a ...
1 vote, 1 answer, 185 views
How can we change/protect the namespace of an object in Javascript?
Continuing from my previous question: Javascript simple sample code to understand prototype-based OOP basics
Let's say we run these two separate objects in the console (even if they are called child and ...
4 votes, 1 answer, 195 views
CSRF Protection with CodeIgniter
I have very little knowledge in application security. I have often seen that to protect your application from CSRF attacks, developers use tokens and pass these tokens with the request to validate. I want to ...
1 vote, 2 answers, 397 views
Security Concerns with password storage in Scripting Languages (VBA)
The team I work with handles large amounts of consumer survey, and internal company metric data. Primarily the data is stored in a database, and we utilize various platforms and to work with that ...
8 votes, 1 answer, 109 views
Are there any free tools to measure web project's performance, security and other standards?
Are there any open-source tools to measure the standard of a web application project? I want to verify my project for:
Possible security leaks (SQL Injection etc.)
Performance
Stability (in high ...
5 votes, 2 answers, 304 views
What should I do when I find sensitive information in version control?
Today I found what looked to be my supervisor's password in some code in version control. The password is to a database. He is very experienced and has explained before how to avoid having passwords ...
0 votes, 1 answer, 172 views
How does a script download a YouTube Video?
Knowing that YouTube uses Adobe Flash which is compiled server side to deliver its video content, I am wondering how it's possible to find a video's file name & location on the server?
This is a ...
8 votes, 6 answers, 1k views
How can I prevent a client from seeing my code written in an interpreted language?
I'm building a fairly complex interpreted program in Python. I've been working on most of this code for other purposes for a few months, and therefore don't want my client to be able to simply copy ...