Need someone to lead product management at your software company? I create software for people that create software and I'm looking for my next opportunity. Check out my resume and get in touch.

Adam Kalsey

This is the blog of Adam Kalsey. Unusual depth and complexity. Rich, full body with a hint of nutty earthiness.

Content Management

Process Tags security update

Freshness Warning
This blog post is over 21 years old. It's possible that the information you read below isn't current and the links no longer work.

6 Aug 2002

If you use the Process Tags plugin and you have multiple authors on your blog, it would be a good idea to remember that the plugin allows any author to insert Movable Type tags into their entries. This could potentially lead to bad things happening, especially if you use the SQL or PerlScript plugins. Please use common sense when using this (or any other) plugin.

Comments

Paul Winkeler
July 18, 2003 9:57 AM

Hi Guys Can we not think of some kind of restrictions to impose on the evaluation of tags inside entry contexts? Perhaps only entries authored by the "owner" of the blog can have this feature activated by careful crafting of the template? Any other ideas to manage this risk would be greatly appreciated. PaulW

This discussion has been closed.

Recently Written

Micromanaging and competence (Jul 2)
Providing feedback or instruction can be seen as micromanagement unless you provide context.
My productivity operating system (Jun 24)
A framework for super-charging productivity on the things that matter.
Great product managers own the outcomes (May 14)
Being a product manager means never having to say, "that's not my job."
Too Big To Fail (Apr 9)
When a company piles resources on a new product idea, it doesn't have room to fail. That keeps it from succeeding.
Go small (Apr 4)
The strengths of a large organization are the opposite of what makes innovation work. Starting something new requires that you start with a small team.
Start with a Belief (Apr 1)
You can't use data to build products unless you start with a hypothesis.
Mastery doesn’t come from perfect planning (Dec 21)
In a ceramics class, one group focused on a single perfect dish, while another made many with no quality focus. The result? A lesson in the value of practice over perfection.
The Dark Side of Input Metrics (Nov 27)
Using input metrics in the wrong way can cause unexpected behaviors, stifled creativity, and micromanagement.

Older...

What I'm Reading