Websites running on Drupal
Thomas Chung
tchung at fedoranews.org
Sat Nov 12 22:18:55 UTC 2005
(sorry if you're getting a duplicate message)
On Sat, 12 Nov 2005 14:59:02 -0600, Patrick Barnes wrote
> Do we have any information on Drupal's security track record? PHP has
> had its fair share of problems.
>
> I'm not meaning to bash on Drupal or PHP, but these are important
> concerns. I'm not going to pretend that Python and the Python software
> currently in use are perfect, but security was one of the considerations
> in their selection. It would be helpful to know how spreadfirefox.com
> was compromised. If their failures were problems with Drupal or PHP, or
> if they were problems elsewhere would be nice to know. Assuming we'll
> not learn that, we need to at least thoroughly investigate the security
> records of any software we consider.
Here is a list of security track records for Drupal 4.x from secunia.
http://secunia.com/product/342/
Basically there were 1 security advisory in 2002, 2003 then 5 security advisories in 2005.
Also I would suggest to check out the video with title "100% availability, scalability
and security with Drupal" from Drupal conference:
http://drupal.org/drupalcon-2005-media
--
Thomas Chung
FedoraNEWS.ORG (http://fedoranews.org)
"..where you can free your knowledge for your free community!"
More information about the Fedora-websites-list
mailing list