[CentOS-devel] forums + portal for {lang}.centos.org sites

Tue Sep 30 20:48:49 UTC 2008
Dag Wieers <dag at centos.org>

On Tue, 30 Sep 2008, Karanbir Singh wrote:

> Dag Wieers wrote:
>> >  Surely this is the responsibility of the drupal devteam and not the 
>> >  userbase to ensure stuff like this is not included. That specific module 
>> >  was at some time distributed from the drupal.org website wasent it ?
>>
>>  Does the absense of such bug-reports make a solution more secure ?
>
> well, does a widely circulated known exploit that isnt going to get a fix 
> instill confidence in you ?

At least there is a process of reporting out-of-core security problems.

Why should the Drupal team be responsible of code they clearly do no 
support ? Go and talk to the module's developers to see what processes 
they have before you use it.

-- 
--   dag wieers,  dag at centos.org,  http://dag.wieers.com/   --
[Any errors in spelling, tact or fact are transmission errors]