Re: PostgreSQL with Phorum - Mailing list pgsql-general

From Brian Moon
Subject Re: PostgreSQL with Phorum
Date
Msg-id 019c01c24678$95ef4120$0100a8c0@doughboy
In response to PostgreSQL with Phorum  ("Brian Moon" <brian-pgsql@phorum.org>)
List pgsql-general
| No, I was referring to the 'boogieman' backdoor you left in Phorum,
| which Jfs then found a few years ago.  The one which you then tried to
| suppress all of your users from finding out about, until someone pasted
| info about it all over the Phorum forums thereby forcing you to come
| clean and remove the backdoor from your code.

Whoa, there is a blast from the past.  I really figured people would change
that if they used the script.  I had a big comment next to it that said
"backdoor user name if all else fails".  I was naive, what can I say.  I
promise I was not trying to leave backdoors open for me to get into people's
sites.  If it was compiled code I could see you being suspicious.  You had
to read past that to read how to use the script.  I guess boogieman was a bad
choice for the default too as it sounds evil.  What does not kill us makes
us stronger.

| http://www.cgisecurity.com/archive/php/phorum.txt

Yeah, I was a little ticked off at this guy for not notifying us before
publicly posting these.  That seems to be a problem for some people.  I
guess they are afraid that if they don't go public first they won't get the
credit.  We did fix all those issues within a day of finding out about them.
If we had known before the world, we could have saved some people some
possible problems.

Thanks,

Brian.
Phorum Dev Team

