>>323
Writing secure software in Perl is quite easy, actually. Unlike PHP, there aren't billions of pitfalls which can screw you over (such as using include()
to grab HTML pages, a common beginner mistake), and the DBI module makes it easy to use parameterised statements, which practically makes successful SQL injection nearly impossible.
The attitude of the developer also means a lot; compare Waha's response to bugs and vulnerabilities with the Kusaba X developers':
<Taclink> RewriteCond %{REMOTE_ADDR} (77\.247\.181\.163|124\.186\.170\.134|76\.200\.120\.201|173\.254\.192\.38|184\.56\.238\.123|69\.47\.119\.236)$
<Taclink> is the current one
<savetheinternet> shouldn't there be a ^ at the start of that RewriteCond? otherwise, banning 10.0.0.0 would also ban 110.0.0.0 etc
<Sazpaimon> savetheinternet, that's such a small edge case it isnt even worth it