comment on

Thank you very much for your advice! SSL is indeed necessary, and Catalyst seems to be able to handle this in a nice way.

Or breaking into your box through some kind of injections?

Yes, apart from securing the communication channel via SSL, this is one of my primary concerns -- that there may be, for example, an unsecured SQL statement in one of Catalyst's subclasses that may be used for SQL injection, or some kind of exploit to read local files.

You'll have to keep in mind while working that nothing will do the security checks for you, You'll have to do everything on your own.

ahmad, do you mean that I have to, for example, pre-check input before the Catalyst dispatcher gets its hands on it?

In reply to Re^2: Catalyst or other frameworks in a security critical context by ArgusM
in thread Catalyst or other frameworks in a security critical context by ArgusM

Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!

Titles consisting of a single word are discouraged, and in most cases are disallowed outright.

Read Where should I post X? if you're not absolutely sure you're posting in the right place.

Please read these before you post! —

Posts may use any of the Perl Monks Approved HTML tags:

a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr

You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)

	For:		Use:
	&		`&`
	<		`<`
	>		`>`
	[		`[`
	]		`]`

Link using PerlMonks shortcuts! What shortcuts can I use for linking?

See Writeup Formatting Tips and other pages linked from there for more info.