[development] Irresponsible security researcher
Greg Knaddison
Greg at GrowingVentureSolutions.com
Wed May 13 15:07:37 UTC 2009
On Wed, May 13, 2009 at 9:00 AM, Andrew Berry <andrewberry at sentex.net> wrote:
> On 12-May-09, at 9:22 PM, Karoly Negyesi wrote:
>
>> This guy believes in full disclosure so much he discloses everything
>> he finds instead letting us fix and disclose.
>
> Did he report this issue? http://justin.madirish.net/node/339. I still seems
> exploitable. I see he's been credited for SA's in the past. It's a shame
> that the noise from him is drowning out the real issues he's finding.
It's the same as http://drupal.org/node/372836 or maybe it's even the
issue that prompted http://drupal.org/node/372836
Either way, it's "addressed."
Regards,
Greg
--
Greg Knaddison | 303-800-5623 | http://growingventuresolutions.com
Cracking Drupal - Learn to protect your Drupal site from hackers
Now available from Wiley http://crackingdrupal.com
More information about the development
mailing list