Talk:Security recommendations: Difference between revisions
(Added important information that solves the discussion) |
(Added important information that solves the discussion) |
||
Line 3: | Line 3: | ||
Tim, I believe what you are mentioning is actually related to the future development of Moodle code, or possibly an existing security bug? There is actually a lead Security Officer, Petr Škoda (skodak), who is charged with reviewing the security code. He would probably like to see an example of what you mentioned. [[User:Moorejon|Moorejon]] Jonathan Moore 8:46, 12 February 2006 (CST) | Tim, I believe what you are mentioning is actually related to the future development of Moodle code, or possibly an existing security bug? There is actually a lead Security Officer, Petr Škoda (skodak), who is charged with reviewing the security code. He would probably like to see an example of what you mentioned. [[User:Moorejon|Moorejon]] Jonathan Moore 8:46, 12 February 2006 (CST) | ||
:Please, take a look at the "Before all" topic I have just added, based on Petr's opinion on this. | |||
Please, take a look at the "Before all" topic I have just added, based on Petr's opinion on this. |
Revision as of 18:09, 12 February 2006
Should this page deal with valid users as well? I'm talking about input sanitization, etc. For example, in my school's version of Moodle, I can craft some code that logs the user out as soon as they see my forum post. I suggest taking a look at MediaWiki's approach to code sanitizing. -- Tim McCormack is talk 12:45, 11 February 2006 (WST)
Tim, I believe what you are mentioning is actually related to the future development of Moodle code, or possibly an existing security bug? There is actually a lead Security Officer, Petr Škoda (skodak), who is charged with reviewing the security code. He would probably like to see an example of what you mentioned. Jonathan Moore Jonathan Moore 8:46, 12 February 2006 (CST)
- Please, take a look at the "Before all" topic I have just added, based on Petr's opinion on this.