[Typo3] SQL Injection - READ THIS PLEASE.
Peter Russ
peter.russ at 4many.net
Fri Mar 4 16:25:21 CET 2005
Michael Stucki schrieb:
> Stefan Neufeind wrote:
>
>
>>For reference - it was also announced here:
>>http://secunia.com/advisories/14465/
>
>
> Plus many other places. Argh, I hate this! Again:
> This is a 3rd party extension!!
>
> Why does noone want to mention this?
>
> Is Linux insecure because Apache has a leak?
>
> I highly vote for no longer publishing any 3rd party extensions without
> having them reviewed...! :-|
>
> - michael
Nope that not quite right:
Linux is not the frame work as Apache can run under different OSes. So
if you want to compare you should do it apple by apple.
I'm just wondering again:
If Typo3 is interested in supporting extensions and missed to come up
with a process to differentiate between experimental, alpha, beta,
testing, stable and let the developer decide without QA ... Who creates
the problems: the chicken or the egg?
By the way: what is a 3rd party extension at open source? And who is
debugging the core Typo3 or 2nd party products? What's about the "hidden
features" of the 1st party...
If you want developers to publish their extension at typo3.org you also
have to accept the consequences if s.th. goes wrong. Or different place
has to be established.
Regs. Peter.
---
_____________________________
4Many Services
http://www.4many.net http://www.4dfx.de
Kundenserver/Customer server
http://www.typo3-server.net
More information about the TYPO3-english
mailing list