[consulting] Re: Fedora Core and the CMS Discussion
puregin
puregin at puregin.org
Thu Dec 15 02:41:58 UTC 2005
On 14-Dec-2005, at 6:19 PM, Khalid B wrote:
> If Seth or others on Fedora do not want Drupal because it is PHP,
> then there is no much we can do about it.
Agreed - there's perfectly good reasons not to support everything.
However, it's also good to explore the boundaries -
> What really got to me after reading this whole discussion is the
> constant FUD of "Drupal is insecure", which is mainly because
> of the XML-RPC (which was fixed, and even if it was not, it can be
> disabled, or even deleted).
>
> This is something we need to do something about, and it is mainly
> an perception/image problem than a real one.
I guess FUD is a fact of life. I think that Dries and the Drupal
community have already taken many of the right steps with
respect to getting out the right message about security
(security working group, security mailing lists, prompt
responses including advisories, patches, upgrades,
easy to find information on Drupal.org...)
Not that one can't do more... but that is for another thread :)
Djun
More information about the consulting
mailing list