[colug-432] June COLUG Meeting Announcement
R P Herrold
herrold at owlriver.com
Tue Jun 26 13:36:47 EDT 2012
On Tue, 26 Jun 2012, Pat Collins wrote:
> I doubt you have seen repeated exploits on Drupal sites, care to offer proof on
> a site being run by professionals? The Drupal core is always being improved and
> they have a very good security team. Delegation of authoring is extremely good
> (role based). I'm rarely in "site maintenance mode" and even then, the cli
> makes it pretty easy to automate.
Trivially easy. If they are so hot, why are they always 'in
the news?' Why is their module system not confined to a
'sandbox' and so not protective of third-parties?
http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=drupal
> Now, the next question. Since COLUG is about open source
> why is this group so close minded?
If the comment is directed at me, I am conservative in what I
deploy at the COLUG site, to avoid workload (as mentioned in
my initial post) -- I choose to think of it as perlishly
virtuious
I would make the counter-argument that only cowboys and kids
play with fragile, 'latest is greatest', high-maintenance kit
-- Russ herrold
More information about the colug-432
mailing list