[development] Fwd: [SECURITY] [DSA 1125-1] New drupal packages
fix execution of arbitrary web script code
Adrian Rossouw
adrian at bryght.com
Thu Jul 27 11:09:29 UTC 2006
On 27 Jul 2006, at 11:36 AM, Dries Buytaert wrote:
>
> The .install files, the update script and the installer could take
> some burden of the package maintainers (but might need a command
> line extension so they can be hooked into their tools).
>
nothing is stopping you from running drupal on the command line.
All you need to do is set some environment variables before you
bootstrap.
We need meta-data and dependency information before we can do that
though.
Now that we have modules in their own directories, that entire
process can start up again.
We also need to tackle individual module versioning. Each and every
time a drupal.org module
distribution package gets updated with any change whatsoever, a new
version needs to be created.
--
Adrian Rossouw
Drupal developer and Bryght Guy
http://drupal.org | http://bryght.com
More information about the development
mailing list