Talk:Security recommendations: Difference between revisions
No edit summary |
(Added important information that solves the discussion) |
||
Line 2: | Line 2: | ||
Tim, I believe what you are mentioning is actually related to the future development of Moodle code, or possibly an existing security bug? There is actually a lead Security Officer, Petr Škoda (skodak), who is charged with reviewing the security code. He would probably like to see an example of what you mentioned. [[User:Moorejon|Moorejon]] Jonathan Moore 8:46, 12 February 2006 (CST) | Tim, I believe what you are mentioning is actually related to the future development of Moodle code, or possibly an existing security bug? There is actually a lead Security Officer, Petr Škoda (skodak), who is charged with reviewing the security code. He would probably like to see an example of what you mentioned. [[User:Moorejon|Moorejon]] Jonathan Moore 8:46, 12 February 2006 (CST) | ||
== Added important information that solves the discussion == | |||
Please, take a look at the "Before all" topic I have just added, based on Petr's opinion on this. |
Revision as of 18:08, 12 February 2006
Should this page deal with valid users as well? I'm talking about input sanitization, etc. For example, in my school's version of Moodle, I can craft some code that logs the user out as soon as they see my forum post. I suggest taking a look at MediaWiki's approach to code sanitizing. -- Tim McCormack is talk 12:45, 11 February 2006 (WST)
Tim, I believe what you are mentioning is actually related to the future development of Moodle code, or possibly an existing security bug? There is actually a lead Security Officer, Petr Škoda (skodak), who is charged with reviewing the security code. He would probably like to see an example of what you mentioned. Jonathan Moore Jonathan Moore 8:46, 12 February 2006 (CST)
Added important information that solves the discussion
Please, take a look at the "Before all" topic I have just added, based on Petr's opinion on this.