[TYPO3-dev] [Fwd: [TYPO3-announce] Announcing TYPO3 4.0.12, 4.1.10 and 4.2.6]
Martin Kutschker
masi-no at spam-typo3.org
Wed Feb 11 08:58:05 CET 2009
Steffen Müller schrieb:
> Hi.
>
> On 10.02.2009 17:56 Martin Kutschker wrote:
>> It only makes the little brats curious and could have been written in a
>> more general tone. eg "with the exploit you can retrieve vital
>> configuration files. With this files and well known methods the attacker
>> can gain administration access to your site. If the server is not
>> properly configured the attacker may even gain enough knowledge to steal
>> all your databases or break into your system."
>>
>
> On the other hand, saying: "Dear Users, critical security threat, please
> update soon. Full stop." simply does not make the situation as clear as
> "exploit will hurt your system bad, because..." does.
I think my alternative version is horrifying enough: "can gain
administration access to your site" and "
(may) steal all your databases or break into your system".
Masi
More information about the TYPO3-dev
mailing list