[development] Certify Drupal for use in Government (US) Projects

Web Developer lapurd at gmail.com
Wed Oct 1 14:08:59 UTC 2008


Is it everybody here so quick to see another person logic flaw, where in 
fact you just have to think a little further?

I did not suggest that you have to give such detail description that 
will expose exploit right away.
But I'm sure in most cases experienced developer/tester can come up with 
explanatory description without exposing too much.
I agree that some problem could be so obvious so any explanation will 
expose exploit info. Okay, but it is only one case.
There are many problems that are not so obvious.

Alex


Patrick Teglia wrote:
> it does not mean that exploit information has to be exposed. But detail
> description of the problem can help on its own even before solution come
> out.
>
> I am sorry, but even a guy with a Security+ certification (in other words,
> me :) ) can see the flawed logic in this statement.  A detailed description
> of the problem is a description of the vulnerability that attackers would
> EXACTLY be looking for.
>
> Patrick Teglia
>
>
> On Wed, Oct 1, 2008 at 7:19 AM, Web Developer <lapurd at gmail.com> wrote:
>
>   
>> it does not mean that exploit information has to be exposed. But detail
>> description of the problem can help on its own even before solution come
>> out.
>>     
>
>   


More information about the development mailing list