[CentOS-devel] forums + portal for {lang}.centos.org sites

Mon Sep 29 15:07:06 UTC 2008
Ned Slider <ned at unixmail.co.uk>

Karanbir Singh wrote:
> eg. I am looking at Drupal for my own site and I find venturing into the 
> modules portion of drupal immediately drops the quality of code, and 
> even the ownership of security issues. It seems Drupal guys dont take on 
>  security issues for things that come from the modules or related 
> projects that are being used inside drupal.

We (in my day job) see the same security issues for Joomla based sites 
when modules are used to extend core functionality. Site 
developers/owners are quick to extend functionality by installing 
additional plugins but then don't want the responsibility of maintaining 
multiple packages/plugins on the server. It just adds a further layer of 
complexity as any plugins need to also be separately monitored (and 
maintained) for security updates.