[Cubicweb] Security on CubicWeb

Nicolas Chauvat nicolas.chauvat at logilab.fr
Wed Jan 2 15:23:34 CET 2013

On Wed, Jan 02, 2013 at 03:00:38PM +0100, Adrien Di Mascio wrote:
> - DOS: CW doesn't provide any builtin tool to protect you.

If you use postgresql in the back-end, you can start by having a look
at statement_timeout()

We should probably add this as a configuration option to CW, in order
to have it automatically configure sessions timeouts depending on the
user connected.

It could look like this in the configuration file:


Should I add a ticket ?

Nicolas Chauvat

logilab.fr - services en informatique scientifique et gestion de connaissances  

More information about the Cubicweb mailing list