[development] Irresponsible security researcher

Karoly Negyesi karoly at negyesi.net
Wed May 13 08:20:47 UTC 2009

> - this person wants to improve security of drupal
> - he made a patch, that maybe wasn't accepted or he was disapointed with
> the procedures of the community

He made a patch?

> -> so what's wrong with the person?

Check his site. Maybe the fact that he never posts a fix on the issues
he discloses (i might have missed some)?  And his disclosures include
precise, step-by-step exploits? That's not so nice, is it?



More information about the development mailing list