I have not reviewed it for security, although I did not find anything suspicious either.
On Sep 11, 7:43 pm, Richard Vézina <ml.richard.vez...@gmail.com> wrote: > Hello Eric, > > It seems that Massimo as already kind of reviewed it > :http://groups.google.com/group/web2py/browse_thread/thread/52bd952c11... > > It seems to be planned to include/replace the actual admin... > > RIchard > > > > > > > > On Sat, Sep 10, 2011 at 5:51 PM, Eric <hu5...@gmail.com> wrote: > > I'm just writing to find out if a third-party has audited the code for > > the new instant admin plug-in for web2py (https://github.com/sramana/ > > web2py-instant-admin). It's a beautiful interface for the db, and I > > mean nothing personal against the developers, who have done a > > fantastic job building a great-looking way to access the db. > > > It's just this is a lot of code, and I've not yet gone over the whole > > thing myself (and would not be the ideal candidate for doing a > > security audit anyway). And before I give access to my db to a new > > third-party plug-in, I'd like to know at least that others are using > > it in production, and ideally that someone skilled in auditing python > > code for security has taken a close look at it. It would be a great > > admin interface for admins to use with an app I've created.
