[colug-432] June COLUG Meeting Announcement

R P Herrold herrold at owlriver.com
Tue Jun 26 13:36:47 EDT 2012


On Tue, 26 Jun 2012, Pat Collins wrote:

> I doubt you have seen repeated exploits on Drupal sites, care to offer proof on
> a site being run by professionals?  The Drupal core is always being improved and
> they have a very good security team.  Delegation of authoring is extremely good
> (role based).  I'm rarely in "site maintenance mode" and even then, the cli
> makes it pretty easy to automate.

Trivially easy. If they are so hot, why are they always 'in 
the news?'  Why is their module system not confined to a 
'sandbox' and so not protective of third-parties?

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=drupal

> Now, the next question.  Since COLUG is about open source 
> why is this group so close minded?

If the comment is directed at me, I am conservative in what I 
deploy at the COLUG site, to avoid workload (as mentioned in 
my initial post) -- I choose to think of it as perlishly 
virtuious

I would make the counter-argument that only cowboys and kids 
play with fragile, 'latest is greatest', high-maintenance kit

-- Russ herrold


More information about the colug-432 mailing list