Page 1 of 1

Xataface Security Warning: (Well not really).

PostPosted: Tue Mar 30, 2010 2:01 pm
by shannah
I ran across this security warning on Twitter.
http://packetstormsecurity.org/filedesc ... s.txt.html

Someone has observed that if Xataface is set up on a database WITHOUT any permissions or security, then it provides write access to the database.

This is not a security hole in Xataface but it is worth noting that if you are setting up a Xataface application that is accessible to the world, that you should implement permissions at least in the Application Delegate class.

-Steve