Log4J Bulletin: Passenger not affected TL:DR; Passenger is not affected. Passenger has no components written in Java and thus does not use log4j. As such, it is not affected by the log4j vulnerabilities (CVE-2021-45046 & CVE-2021-44228, or any subsequentl
How to future proof your apache modules in macOS by signing them with your own certificate authority Apple has given us notice of an upcoming codesigning requirement in their bundled apache webserver. I worked out how to make things work once it is in place.
Phusion's experts at your service Phusion is offering professional services. We help you ship successful apps that are secure, scalable and a joy to use.
You can't trust your parents to protect you On Unix-like systems, setting sufficiently strict permissions on a dir allows one to disallow access to its content. Right? Turns out to be untrue on both macOS and Linux. Enter inodes trickery.
Passenger 5.3.2: various security fixes Passenger 5.3.2 released, fixing a file system access race condition as well as various SpawningKit exploits. We urge you to upgrade your version immediately.
ActionCable under stress: Finding a DoS vulnerability in Rails 5 WebSockets Apps In this article we will show you how Rails 5.0.0 ActionCable applications on Puma, the new default Rails app server, might be exposed to denial of service by slow clients. We will be using the OS X network shaping tools