Re: Forum Software - Mailing list pgsql-general

From Scott Marlowe
Subject Re: Forum Software
Date
Msg-id BB4329D6F8E32046ACFC6631ACA3E7BA18FC4D@koolancexeon.g2switchworks.com
In response to Forum Software  (Harry Jackson <harryjackson@gmail.com>)
Responses Re: Forum Software
Re: Forum Software
List pgsql-general

On 12/30/05, Raymond O'Donnell <rod@iol.ie> wrote:

QUOTE:
I used it once (2004) because it supported Postgres. It got hacked in
under a month. I admit that this was a one-off but having searched
around the Internet for various bulletin board software there seem to
be no end of problems with phpbb with regard to security. I have even
come across articles claiming that the phpbb team try not to publish
all their exploits but rather blame PHP [0] itself and they have a
tendency to ignore certain exploits in any releases that are not
current.
UNQUOTE:

That's hardly fair.  PostgreSQL also ignores security issues on older versions.  If you're running 8.0.0 and a security fix came out in 8.0.1, it's your fault, not the PGDG folks'.

Also, as a big proponent of PHP, I have to admit that it's quite easy to write insecure software with it.  I've had nothing but good luck with PHPBB.  My main complaint is that no one in the PHPBB community seems to have ever heard of diff and patch, so all the hacks for it need to be applied by hand, one line at a time.
