Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
SnacksOnAPlane
on Jan 26, 2014
|
parent
|
context
|
favorite
| on:
Show HN: Linux server monitoring web dashboard
But you can totally audit the PHP code. There honestly isn't that much of it, and absolutely none of it takes user input. I'd be way more concerned if this was a Rails or Django app, because then there would be lots of library code to worry about.
anglebracket
on Jan 27, 2014
[–]
It doesn't take input from the user, but it does use untrusted input in a way that allows XSS. See
https://news.ycombinator.com/item?id=7128442
.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search: