On 9/29/10 5:32 AM, Robert Kaiser wrote:
I guess that the particular setup of automated PHP stuff on mozdev must have some problem. Neither the operating system nor PHP by itself are security risks, or else they would not both be in use in highly attack-prone setups. I guess the particular code mozdev uses for automating a number of things has a problem and would need a security audit, which is not so easy when you have a resource shortage like this project does.
The security risk is that project owners having access to php and the write access to the database ...
For the 9 years Mozdev has been up, everyone has operated and used these resources responsibly.
This issue needed to be addressed and so now we are addressing it. --pete -- Pete Collins - Founder, Mozdev Group Inc. www.mozdevgroup.com Mozilla Software Development Solutions tel: 1-719-302-5811 fax: 1-719-302-5813 _______________________________________________ Project_owners mailing list Project_owners@mozdev.org https://www.mozdev.org/mailman/listinfo/project_owners