[drupal-devel] security "official"
karoly at negyesi.net
Sun Feb 6 05:19:24 UTC 2005
To avoid future problems with security hole reporting, I'd advice creating a
security-team at drupal.org (or sg like that) address and advocating it on
drupal.org homepage or at least on the Support page. A few select people
should get these emails. So there will be no confusion where security holes
must be reported. I know that most probably Dries and Steven will get
these, but we can not assume that anyone who happens to stumble on a
security hole knows our leaders.
More information about the drupal-devel