Aller au contenu principal Aide Panneau de contrôle

 

English «   Bug tracker «  

Time for a Security forum topic?

Morison, Rodney -- le 7 juin 2007

I've posted a couple security related issues this week, maybe it's time for a yacs security thread?

PropriétaireMorison, Rodney
Avancement0%
WorkflowBesoin d'aide
StatutLe problème a été enregistré
  • Envoi le 7 juin 2007 par rod
As Yacs becomes more popular it will certainly be the subject of increasing "hacker-looking-for-exploits" scrutiny.

It would be really nice to have a definitive source of known security problems and their resolution. Fishing through the bugs thread is not very efficient for this kind of stuff.

Morison, Rodney
le 18 juin 2007
My thought was to have a push mechanism, e.g., an email watch on a specific thread, that would notify me of new security issues and resolutions.

Rss will do for now, though.

Rod
NickR
le 12 juin 2007
YACS code is well structured/designed, I dont think we need to worry about security too much

But I agree, a security thread or similar would be useful, just to show users how FEW security incidents we have and that we do respond to them fast.

Nick.
-----
Nick

Bernard Paques
le 8 juin 2007
We have had some serious security threats last year, and some of us had had hard time to recover... For now the architecture of YACS has proven quite strong, but you are right to highlight the need for continuous improvements in security.

Maybe the best way to go would be to create some categories to flag all articles related to this topic? At least, it would help to localize existing information throughout all existing pages.

Moreover, if you define some adequate keywords related to security, we could even recommend to use these in tags attached to new posts. The right way to have the whole community help on this topic...