[TYPO3-typo3org] Now security issues due to no way to post
Martin Holtz
typo3ng_2008 at martinholtz.de
Mon Apr 14 17:28:12 CEST 2008
Hi Daniel,
> where is the problem? You get to it with x clicks:
well, i think Peter is right here.
There could be an mail-form too. And i think it should be possible to
send a mail without javascript enabled.
And why is the page with the security hidden?
A few weeks ago i saw an video from the typo3 conference in Karlsruhe
2006 - where someone talks about a checklist for writing secure extensions.
Afaik this checklist is not available for public yet - or i did not find
it yet.
And i know someone who works for about four years with TYPO3 and didnt
know the security cookbock. And as i wanted to show him, i needs ten
minutes to remember where to find it...
but that goes to far at this point...
> 1. Teams
> 2. Security
> 3. About the TYPO3 Security Team - contact us
> 4. klick at "email address"
> 5. Thunderbird opens up and you can write
well, not if i use lynx on an server, or on some linux-systems i had.
Why do not use an security2008 @ .. an change each year only for show on
the website and forward it?
regards,
martin
--
Martin Holtz
elemente websolutions GbR
Junkerstraße 24
www.elemente.ms
wiki.typo3.org/De:TSref
More information about the TYPO3-team-typo3org
mailing list