Uma das revoluções da Web e do software da última década (?) em geral, é a sua extensibilidade. Sob o ponto de vista da segurança, pelo contrário, é sabido que esse é um dos grandes problemas que é preciso enfrentar. Um artigo interessante que fala desse problema usando como exemplo uma aplicação Web:
How Bugs Can Give Attackers Access to Protected Portions of a Web App
Cyrus Peikari and Seth Fogie
Jul 27, 2007.
There are thousands of web applications available for anything from simple file uploads to complex forums. All of these programs are created to be easy to install and even easier for a client to use, which is why they are very popular with the average non-technical customer. While the benefits of these programs are typically obvious and worth the cost, there are often some serious risks associated with using these web applications because they are built by people who are not security experts. In this section we are going to look at one such program that came across my radar and the simple fact that by installing this program you could be exposing every other user of the hosting server to major security problems.