[PLUG-Devel] Security Audit of Joomla!
Darrin Chandler
dwchandler at stilyagin.com
Tue Sep 12 06:41:33 MST 2006
On Mon, Sep 11, 2006 at 09:27:11PM -0700, Alan Dayley wrote:
>
> Why is it out of our control? If we did an audit, based on a known tag
> or version of the source, within the submission guidelines of the
> project, I'd think we have much control to see our fixes into Joomla! or
> any other FS project.
>
> Perhaps that is not as true as I think but I still like the idea of this
> project, if someone were to take it on.
Some projects are more friendly than others when it comes to submissions
from "outside" the normal developer community. I suspect the Joomla!
people would be mostly happy to accept security fixes. If they're not
then you can always publish the fixes alongside disclosure of
vulnerabilities. That always works. ;)
--
Darrin Chandler | Phoenix BSD Users Group
dwchandler at stilyagin.com | http://bsd.phoenix.az.us/
http://www.stilyagin.com/ |
More information about the PLUG-devel
mailing list