[CentOS-devel] forums + portal for {lang}.centos.org sites
Dag Wieers
dag at centos.org
Tue Sep 30 20:48:49 UTC 2008
On Tue, 30 Sep 2008, Karanbir Singh wrote:
> Dag Wieers wrote:
>> > Surely this is the responsibility of the drupal devteam and not the
>> > userbase to ensure stuff like this is not included. That specific module
>> > was at some time distributed from the drupal.org website wasent it ?
>>
>> Does the absense of such bug-reports make a solution more secure ?
>
> well, does a widely circulated known exploit that isnt going to get a fix
> instill confidence in you ?
At least there is a process of reporting out-of-core security problems.
Why should the Drupal team be responsible of code they clearly do no
support ? Go and talk to the module's developers to see what processes
they have before you use it.
--
-- dag wieers, dag at centos.org, http://dag.wieers.com/ --
[Any errors in spelling, tact or fact are transmission errors]
More information about the CentOS-devel
mailing list