On Thursday 01 May 2008, Kenneth Gonsalves wrote: > On 01-May-08, at 10:20 AM, Raj Mathur wrote: > >> [snip] > >> plone is hackproof > > > > I presume that statement is sheer flamebait, and is not intended to > > have > > any relationship with reality? > > you presume wrong on both counts. Plone is a highly mature and highly > secure cms - far superior to any of the php things being bandied > about. And nowadays, a basic plone install is dead simple.
...neither of which statements has any bearing on the ``hackproof'' label. Please, either substantiate (which is impossible) or withdraw the original statement, because we sure don't want to give people here the impression that any reasonably complex piece of software can be ``hackproof''. Least of all a CMS with known vulnerabilities (in other words, it's been hacked, and I can provide proof... is that what you meant? :) In general, a piece of software may be more secure, it may have fewer or no known vulnerabilities, it may be well written, it may be crafted with security in mind, but you can nevertheless never prove that it is completely secure. When you discuss a moving target like a reasonably often-released CMS the assertion becomes even more meaningless, since a presumed secure package today may get bugs and vulnerabilities introduced into it in a future version. Regards, -- Raju -- Raj Mathur [EMAIL PROTECTED] http://kandalaya.org/ GPG: 78D4 FC67 367F 40E2 0DD5 0FEF C968 D0EF CC68 D17F PsyTrance & Chill: http://schizoid.in/ || It is the mind that moves _______________________________________________ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Next Event: http://freed.in - February 22-24, 2008 Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/