i'm glad folks agree this is worth while, but the point of my email wasn't just to solicit +1s and praise... ;) On Feb 28, 2007, at 10:59 , Derek Wright wrote:
i don't have time to work on this, but i'd be willing to help someone(s) else. or, if anyone thinks this is such a good idea, they want to pay me to work on it instead of my other consulting gigs, that might work, too. ;) if we could stand to wait that long, this might make a nice SoC 2007 project, too.
a) does anyone actually have time to work on this? ("talk is silver, code is gold"). b) does anyone have money to hire someone to work on this? c) should we suffer without this for 1/2 a year and propose it as a 2007 Summer of Code project? d) any other bright ideas on how to actually get it done? i'm way more interested in having the profile than hearing everyone say how much they like my idea (though a little positive feedback is nice for a change). ;) so, if this thread is going to be valuable for the community, it should quickly move towards "who/how/when" for an implementation... thanks, -derek p.s. i should mention that the "fill up with malicious XSS content" aspect was inspired by something Heine (and perhaps Killes) were talking about once that really struck me as a grand idea. however, they were talking about a DB dump to use for testing, whereas i like the idea of just autogenerating the malicious content via the install profile, so you can always test the latest DB schema, instead of being stuck with something fixed.