Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

One term for the applications you're thinking about is "certified pre-owned". Michel Zalewski just made a handy logo for those people to slap on the bottom of their front page:

http://lcamtuf.blogspot.com/2012/06/this-page-is-now-certifi...



"In most real-world applications, MySQL authentication and privileges have absolutely no effect on security."

To me, that makes as much sense as:

"In most real-world applications, file permissions have absolutely no effect on security."

Or:

"In most real-world applications, running services under isolated uids instead of running everything as root has absolutely no effect on security."

It's a bold claim, but one made with no evidence to back it up.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: