Forum: Ruby on Rails Opinions needed...

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
KendallJ (Guest)
on 2007-03-04 02:18
(Received via mailing list)
I'd like to get some opinions out there from some skillful Rails
programmers.  Let me ask if a certain scenario is possible.  I would
like to expose the major portion of my web app, which acts as a
workspace, to anyone that accesses it without any form of signup.  In
the workspace they have the ability to manipulate text fields, etc.
and then save them to a database.  The fact that they visit and work
in the workspace would save a cookie to their computer.  That cookie
could remember which "user" visited and therefore access their data
again.  However upon revisiting rather than allow them to continue,
force them to sign in.

My question is this:  what are the security concerns for a web app to
create generic users simply by a person visiting a site rather than
signing up?

Thanks much for any input.  You all's awesome.
unknown (Guest)
on 2007-03-04 06:16
(Received via mailing list)
The security concerns depend on the business of the web site.
This topic is locked and can not be replied to.