-
We should have optional ability to bind session Id and the ip-address.
So, if user login we must save he ip-address. After that we should deny access if current ip-address mismatch with original one …
-
Greetings,
I am a security researcher, who is looking for security smells in Puppet scripts.
I noticed instances of hard-coded passwords, which are against the best practices
recommended by Commo…
-
## Summary
> Please give a short summary of this research topic.
What are the typical security concerns associated with lending protocols, and how can these issues be addressed? An example is the …
-
As an user, I would like to use YAML aliases to convert long code/configuration that repeats in simple one. Today, if you try to to it, you will get an error `YAML aliases are not supported`
I woul…
-
When we get our server we should set the PHP config variable `session.cookie_lifetime` in `php.ini` to some amount of time we think sessions should expire after.
-
README.md compares OnionShare to Google Drive and Dropbox.
One of the really neat things about Google Drive and Dropbox is that you can share a whole subdir with others, and that data is synchroniz…
-
Hi,
I would like to suggest some security improvements to the control panel web application:
- Add the ability to restrict access to the control panel based on a whitelist of IP addresses (which coul…
-
GitHub get's "**_taken_ down**" by "**DDOS**" on a _fairly regular_ basis...
![github-no-server-available-error](https://cloud.githubusercontent.com/assets/194400/22106229/a7d64d88-de3f-11e6-9a46-7…
-
Thanks for making this 💪
I think the site would benefit from having security improved. Unfortunately, people have a tendency to re-use passwords, and as of now, the password and the session cookie …
-
I'm running Pisth version 11.3.1. Unless I missed it, I noticed that when connecting to a new host via SSH for the first time, there is no host key verification prompt for adding host trust to your c…