[ProgSoc] Why you shouldn't pus config info in a .ini file (for a web app)
wtfiwtz at gmail.com
Sat Aug 20 07:10:54 EST 2011
On Fri, Aug 19, 2011 at 9:51 PM, John Elliot <jj5 at jj5.net> wrote:
> On 19/08/2011 8:51 PM, Leefe Hicks wrote:
>> What is the correct procedure for reporting to an Open Source project a
>> security flaw that you can drive a truck through?
> I'd probably try to find an email address for one of the active devs and
> email them privately.
The larger projects will have a "security" page with a contact email address
for reporting any issues. You could also file a bug if this is available to
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Progsoc