[support] Is it mandatory to run updates if only trusted people can create content and comments?
Francesco
entuland at gmail.com
Tue May 19 21:33:15 UTC 2009
Hi Justin,
thank you for your response. These words of yours:
> Any data from a user is a possible attack vector for potential
> hackers.
are just what I needed to hear. I have to explain the need of updates
depending on the amount - and moreover on the configuration - of the
Drupal modules to the people I am making sites for.
> I'd say that if users can't create or modify content you're
> safer, but I'd still run updates.
> Not only do the updates fix security
> problems, they provide bug fixes which might improve the functioning
> of your site.
No problem for my very sites, I'm more concerned about my "clients"
sites security - clients inside quotes because that's not paid work
:-/ More the modules, more the updates to take care of...
Well, I'll find an arrangement.
Thanks a lot,
Francesco
More information about the support
mailing list