[CentOS-devel] forums + portal for {lang}.centos.org sites
Stephane Corlosquet
scorlosquet at gmail.comTue Sep 30 16:31:02 UTC 2008
- Previous message: [CentOS-devel] forums + portal for {lang}.centos.org sites
- Next message: [CentOS-devel] forums + portal for {lang}.centos.org sites
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Karanbir Singh wrote: > Ned Slider wrote: > >> We (in my day job) see the same security issues for Joomla based sites >> when modules are used to extend core functionality. Site >> developers/owners are quick to extend functionality by installing >> additional plugins but then don't want the responsibility of maintaining >> multiple packages/plugins on the server. It just adds a further layer of >> complexity as any plugins need to also be separately monitored (and >> maintained) for security updates. >> Drupal 6 core has a built-in Update Status feature to keep the site admin up to date with new releases (contributed modules and security releases). It synchronizes with drupal.org and warns you when there are new releases for your modules. The update path is fairly easy and automated. using cvs to check out Drupal and its modules can save you a lot of time. > > yes, and its things like this : > > http://drupal.org/node/313054 > > which are quite scary. > This is what happens when you don't use the Drupal API <http://api.drupal.org/>, which saves the developers from having to worry about common security issues like XSS, CSRF, SQL injection etc. In that way it's very quick to evaluate the quality of a module: you just need to check whether they make good use of the API or not... scor, http://drupal.org/user/52142 -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos-devel/attachments/20080930/fe76b20f/attachment-0001.html>
- Previous message: [CentOS-devel] forums + portal for {lang}.centos.org sites
- Next message: [CentOS-devel] forums + portal for {lang}.centos.org sites
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS-devel mailing list