[development] Slight API change in 4.6.10 and 4.7.4

Greg Knaddison - GVS Greg at GrowingVentureSolutions.com
Fri Oct 20 17:53:30 UTC 2006

On 10/20/06, Derek Wright <drupal at dwwright.net> wrote:
> p.s. for the record, i sent exactly such an introduction email to the
> security team about 1/2 year ago, and basically have never been
> contacted by them for anything.


perhaps in the transition from chx -
>  > heine, my offer was lost in the cracks.  i have discovered
> security holes in project.module and made releases and sec.
> announcements for them back in april (when i first offered to be a
> more active member of the sec. team), but otherwise, i haven't had
> any direct interaction with the security team.

Except I'm less experienced in finding problems than you, apparently.

> if y'all are feeling
> understaffed and overworked, perhaps you could make better use of the
> people like myself who've already volunteered to help.  maybe we need
> a security-volunteers at drupal.org list for this 2nd tier of
> developers: not the official team, but the (if i may say so) clueful
> people who want to help, and can be called upon to discuss patches,
> assess problems in contrib caused by new versions of core, whatever.
> just a thought.

This is an interesting idea.  It would still have to be a list of
relatively well trusted individuals to keep out someone who hopes to
gain previews of security holes so they can take advantage of them.
For the small amount it's worth, I like that idea if the preference is
to keep security@ to just a small group of people.


Greg Knaddison | Growing Venture Solutions
Denver, CO | http://growingventuresolutions.com
Technology Solutions for Communities, Individuals, and Small Businesses

More information about the development mailing list