[Project_owners] [URGENT] Action required: mozdev security flaw

Pete Collins pete at mozdevgroup.com
Tue Sep 28 19:10:54 PDT 2010


On 9/28/10 6:59 PM, Mycroft Project wrote:
> so why are you still letting me run it at all?
> there must be a way of achieving a better position than the current
> situation with no extra risk.

We enabled php for you because you are a trusted project.

You can't rename your .php files?

It's either you guys help us secure mozdev and go through this hassle or 
we will have to shut down the site entirely ...

It is an inconvenience but we need your cooperation.

Shutting down php on a per project basis was the best solution we could 
come up to tighten security while at the same time providing php to 
projects like yours that need it.

If you can come up w/ an easier solution I'm all ears ...

--pete




-- 
Pete Collins - Founder, Mozdev Group Inc.
www.mozdevgroup.com
Mozilla Software Development Solutions
tel: 1-719-302-5811
fax: 1-719-302-5813



More information about the Project_owners mailing list