Loading...
 
Documentation

Documentation


Re: Aw: Re: Aw: Re: Security Mailing List

posts: 2881 United Kingdom

> Hi!
>
> > We dont have anything of that nature, for the simple reason people could subscribe to it in order to obtain information on getting access to tiki sites.
>
> This is a noble attitude, but please let me ask why other projects do have a security announce mailing list. I do see the problem, that such a list could help crackers to easily obtain info about weaknesses. OTOH I can't see a reasonable way to receive security advisories with patches in time. Except that I have to poll your site periodically, but that is not what I'm searching for (and what I have time for).
>
> Would it be possible for the TikiWiki project to distribute such security advisories in a subscribable mailing list, where these advisories don't disclose exact how-tos on hacking TikiWiki, but just a short comment on the severity of the problem and a link to a patch?
>

That kind of advistory is usually announced on tikiwiki-users / tikiwiki-devel mailing list.

Damian

Upcoming Events

No records to display

Why Register?

Register at tiki.org and you'll be able to use the account at any *.tiki.org site, thanks to the InterTiki feature. A valid email address is required to receive site notifications and occasional newsletters. You can opt out of these items at any time.