vb.org Archive
Page 3 of 9 12 3 45 Last »
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin.org Site Feedback (https://vborg.vbsupport.ru/forumdisplay.php?f=7)
-   -   Who installed the hack. (https://vborg.vbsupport.ru/showthread.php?t=91039)

flup 06-26-2005 10:16 AM
No i get it now, haven't thought with that one :)

Paul M 06-26-2005 12:33 PM
Quote:
Originally Posted by Dean C
As said above, it's a privacy issue. For example, if there was a modification which had a big exploit, one could go to the list of users who have installed, and look to see which have it in their profile, and then go round exploiting. Whilst, we realise that 99% of vB.org users would never do this, there is always the slim possibility :)
Maybe I'm missing something here. Exactly how is this an issue ? ONLY the hack author would be able to see this list, not everyone. How is there any more of a risk of the AUTHOR doing this then there already is - and in most cases (as I have complained elsewhere) - few people have any link to their site from here anyway, so even if I knew "joebloggs" had it installed - I have no idea what his site is.

Dean C 06-26-2005 01:35 PM
Ah, we're talking about showing this list to everyone though Paul :)

Andreas 06-26-2005 01:50 PM
A list of all users who installed a Hack just for the Hack author would be nice :)
And I don't se privacy issues there, as he can already compile such a list be viewing all posts - which is a PITA when the Thread is several hundred posts long.

Marco van Herwaarden 06-26-2005 01:56 PM
Quote:
Originally Posted by KirbyDE
A list of all users who installed a Hack just for the Hack author would be nice :)
And I don't se privacy issues there, as he can already compile such a list be viewing all posts - which is a PITA when the Thread is several hundred posts long.
That would only be possible if everybody who installed made a reply.

Paul M 06-26-2005 02:07 PM
Quote:
Originally Posted by Dean C
Ah, we're talking about showing this list to everyone though Paul :)
Ah, but I wasn't ;)

Quote:
Originally Posted by Paul M
If only the author can pull up a list then where's the harm. :)
I would never suggest that everyone could see it - as that clearly would be an issue. :)

flup 06-26-2005 02:25 PM
I wasn't talking about everyone either, just for the hack author...

Chris M 06-26-2005 02:34 PM
It used to be for all, but I agree, only the hack author, co-authors, and obviously staff, can see the list...

This could also be useful, because even if users do not reply, or accept hack updates via email, you could still contact them via PM or another method or alert a staff member that "User x" has a serious vulnerability with their site (after checking it out), and you could get the hole patched ;)

Satan

Marco van Herwaarden 06-26-2005 09:44 PM
For that it would be better to create a button to send a security warning by mail and pm. Still no need to see the names.

Atm even staff can not see the names.

Xenon 06-27-2005 09:44 AM
As already said, it's because of privacy issues.

A user who posts within the supportthread, realises, that when a security flaw is found, he could be a possible victim, but if he does not post then he has to be sure he is "safe".
Of course we could just generate a list just for authors, but there could always be a black sheep there as well.

I can understand both sides, i sometimes miss that feature myself, but as said, the disadvantages are bigger than the fun factor, so we won't add it again.


All times are GMT. The time now is 01:05 PM.
Page 3 of 9 12 3 45 Last »
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01122 seconds
  • Memory Usage 1,737KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (4)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete