similar to: DHH's Post on Ruby Talk -- Rails 1.1.5: Mandatory security patch (and other tidbits)

Displaying 20 results from an estimated 7000 matches similar to: "DHH's Post on Ruby Talk -- Rails 1.1.5: Mandatory security patch (and other tidbits)"

2006 Aug 09
3
Rails 1.1.5: Mandatory security patch (and other tidbits)
We're still hard at work on Rails 1.2, which features all the new dandy REST stuff and more, but a serious security concern has come to our attention that needed to be addressed sooner than the release of 1.2 would allow. So here's Rails 1.1.5! This is a MANDATORY upgrade for anyone not running on a very recent edge (which isn't affected by this). If you have a public
2006 Jan 05
1
[REQ] Document, post, DHH talk about "Why Rails ?"
Hello, I'm writing internal slides (fr government) presenting RoR, perhaps soon in CC licence. Can you point me to some reference where "Rails History" or "Why DHH chose to develop his "own" Framework" are discussed? In fact I try to answer the background question "Why another framework ?" Thanks! Ciao'
2006 Jan 15
9
DHH's dislike of high level components
On 1/5/06, David Heinemeier Hansson wrote: > > The lure of components is directly proportional with the pain of development. I'm not trying to be abrasive in any way but I'm curious if this attitude is related to the number of rails apps David maintains. No I don't know how many login systems David maintains. I can understand avoiding components if a person only
2006 Aug 10
0
DHH's Post on Ruby Talk -- Rails 1.1.6: Stronger fix, backports, and full disclosure
The cat is out of the bag, so here's the full disclosure edition of the current security vulnerability. With Rails 1.1.0 through 1.1.5 (minus the short-lived 1.1.3), you can trigger the evaluation of Ruby code through the URL because of a bug in the routing code of Rails. This means that you can essentially take down a Rails process by starting something like /script/profiler, as the code
2006 Jun 24
3
Staying DRY -- can views share partials?
Let's say I have a "main" controller/view and a "sub" controller/view. If I have defined a partial in "main" for the site header (_site_header.rhtml) can I share it with "sub" or does "sub" have to duplicate it, use a symbolic link to the file, or convert the cool partial into an ugly helper? It would be nice to have a shared placed
2003 Nov 26
0
a couple more tidbits on the conversion process
a couple of things that really helped me when converting from mbox to maildir. First is to see how simple procmail changes could be. in your /etc/procmailrc file, just add the following. MAILDIR=$HOME/Maildir/ # Make sure this directory exists! DEFAULT=$MAILDIR if you're using per user procmail files, the exact same two lines will also work to ensure proper delivery. if
2006 Feb 11
6
DHH Interviewed by MySQL
I didn't see anyone post a link to David's Interview by Lenz here on the list so I decided to post it. The interview can be accessed here: http://dev.mysql.com/tech-resources/interviews/david-heinemeier-hansson-rails.html I was very happy to see the interview on PlanetMySQL as just the other day I was talking about RubyOnRails on my MySQL blog which is syndicated
2008 Jan 01
26
Did DHH have a suit on?
So I'm wondering about the origin of "ActiveRecord" and "ActionPack" and the like in Rails. I've always thought that perhaps DHH found himself in a suit one day (maybe he had to attend a friend's wedding or something), and as long as he had the suit on, decided to lapse into one of the barely lucid frenzies that Marketing people are prone to when
2006 Nov 04
0
App for creating presentation slideshows (a-la DHH) ?
Hello all, I'm (sadly) on Win32, and I'm looking for a presentation app to create slides a-la DHH and others. Powerpoint is obvious, and painful to work with. Also how can a windows wonk do the formatted pasting of ruby code for the presentation ? Thanks! -- ------------------------------ Apple MacBook. Black. It's the new White! ------------------------------
2006 Aug 10
4
1.1.5 Upgrade and config.load_path not working
Hey, I am trying to upgrade to 1.1.5 and rails no longer finds my controllers that live outside app/controllers. I was on 1.1.2 previously and here is my setup In environment.rb config.load_paths += [File.join(File.expand_path(RAILS_ROOT), "rails_shared/controllers") ] config.load_paths += [File.join(File.expand_path(RAILS_ROOT), "rails_shared/helpers") ]
2006 Jun 16
0
Where's DHH's slides on new CRUD presented at RubyKaigi2006?
Anxiously finding it... -- http://nohmad.sub-port.net
2005 Apr 10
0
Chicago Area Ruby Group Meetup with DHH
The Chicago Area Ruby Group would like to extend a warm invitation to Ruby developers everywhere to a meetup with David Heinemeier Hansson on Saturday, April 23rd. We will start out at a Giordano's Pizzeria downtown and afterwards move to a conference room provided by the kind folks at Site 9. The topic will most likely be Ruby on Rails and I am sure we will probably talk about
2006 Apr 14
10
DHH Says...F You
WTF was this about? http://www.flickr.com/photos/planetargon/127984254/ Joe -- Posted via http://www.ruby-forum.com/.
2007 Jan 14
3
MOAB advisories
Hi Colin! I would like to know, that these following "vulnerabilities" does affect FreeBSD's reliability? If the answer is "yes", what version of FreeBSD affected, when will be fixed, etc. http://projects.info-pull.com/moab/MOAB-12-01-2007.html http://projects.info-pull.com/moab/MOAB-10-01-2007.html Thank you! -- kobi
2004 Dec 15
4
AR db adapter for a RDF database (ATT: DHH)
Hi people, As I stated in an earlier message, I am using Rails on my masters degree and soon I will have to port my application from a relational database (MySql) to a RDF semantic database called Sesame. At first, I thought that I could get away with most of the porting only by writing a decent database adapter, but then, examining AR closer, I could see that it has some strong dependencies
2006 Aug 10
28
On the total nondisclosure of the 8/9/06 security vulnerability
Dear Rails team, The handling of the recent vulnerability in Rails has proven somewhat problematic for us. We have recently adopted Rails as our web platform of choice; previously, we used J2EE. We love Rails. We hate J2EE. We don't want to go back. It took a lot of effort and convincing to get the management teams of our various projects to sign off on the use of Rails. The
2017 Jul 06
2
logical volume is unreadable
On 06.07.2017 15:35, Robert Nichols wrote: > On 07/06/2017 04:43 AM, Volker wrote: >> Hi all, >> >> one of my lv has become completely unaccessible. Every read access >> results in a buffer io error: >> >> Buffer I/O error on dev dm-13, logical block 0, async page read >> >> this goes for every block in the lv. A ddrescue failed on every single
2006 Jul 12
6
So what is REST? I don't get how it fits in Rails
Does someone have an actual example of this? I saw DHH's slides where he said that you could have your app automatically respond with HTML, XML, atom, whatever. So far I've found tons of discussion on REST and CRUD in Rails, but I haven't seen anything that actually shows me what it all is. There's simply_restful, which apparently makes things easier...I
2004 Nov 18
17
Wx::Grid Questions ...
I am trying to use a grid widget in my application, but run into a number of issues: -- Can they be placed in a panel? Or better yet, placed in sizer with other controls? I have only been able to place a grid inside a frame. -- Can you designate multiple rows (or columns) as being used for labels? -- Can you create cells that span cols (or rows)? -- What events are available to trigger on? How
2005 Jan 07
3
Intrusion Suspected, Advice Sought
I run OS X 10.3.7 on a PowerMac MDD G4 on a cable broadband connection. I have reason to think my system has been tampered with. Security features in Mac OS X have been left unlocked (Preference Pane - Users) even though a master lock has always been set in the Security Preference Pane. This locks all other important preference panes which could be tampered with. Also permissions have been