Xataface Security Warning: (Well not really).

Archived from the Xataface News forum.

shannah — Tue Mar 30, 2010 2:01 pm

I ran across this security warning on Twitter.
http://packetstormsecurity.org/filedesc … s.txt.html

Someone has observed that if Xataface is set up on a database WITHOUT any permissions or security, then it provides write access to the database.

This is not a security hole in Xataface but it is worth noting that if you are setting up a Xataface application that is accessible to the world, that you should implement permissions at least in the Application Delegate class.

-Steve