[TYPO3-caretaker] Security bulletin and 'unsecure extension' test

Georg Kuehnberger georg at georg.org
Thu Dec 3 22:12:35 CET 2009


Michiel Roos [netcreators] wrote:
> Martin Ficzel schreef:
>> after another check i find that Caretaker works as expected. Just make
>> shure to add the ter-update cronjob and set the test intervals
>> accordingly. For extension-Security i suggest 4 or 6 hours as interval.
>> The ter-update cronjob has to run at least in the same interval to make
>> sense.
> 
> Hi Martin
> 
> I can only find the tasks 'get' and 'update' in the file
> caretaker/classes/class.tx_caretaker_Cli.php
> I can not find cliKeys in caretaker_instance
> I don't get it.
> ?

Hey Michiel,
AFAIK/understood: The logic is simply the other way around;
a) you dont need to have any cron-jobs @ the caretaker_instance s.
b) just make sure that the caretaker-server has recent updates from ter.
c) the caretaker-server is simply pulling a list & version-numbers of 
installed EXTs from the caretaker_instance s and comparing it against 
it's own "knowledge" about insecure extensions.

So you just have to "take care" of TER-Udpates on the caretaker-server 
instance see b)

hth, regards Georg


More information about the TYPO3-project-caretaker mailing list