vb.org Archive
Page 3 of 4 12 3 4
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin.org Site Feedback (https://vborg.vbsupport.ru/forumdisplay.php?f=7)
-   -   Official Policy: When Security Vulnerabilities in Hacks are Found (https://vborg.vbsupport.ru/showthread.php?t=92236)

Dan 06-20-2005 11:07 AM
Sounds like a good solution if a problem like this is ever found.

noppid 06-20-2005 02:14 PM
Good to see this new policy in place. Great news.

Paul M 06-20-2005 11:19 PM
I must have missed the bit that says you will close the thread - what exactly does this achieve besides denying anyone further support ?

Andreas 06-20-2005 11:23 PM
Quote:
Originally Posted by Erwin
If there is no response from the author or the author provides an insufficient fix within a 7 days, we will remove the FILES out of the hack support thread, post a public warning in the thread regarding the problem (without any details to prevent others from taking advantage), an close the thread.
Closing the thread helps to prevent ppl posting exploits for example.

Paul M 06-20-2005 11:30 PM
Quote:
Originally Posted by KirbyDE
Closing the thread helps to prevent ppl posting exploits for example.
Um, right ...... I think that's a little far fetched tbh. I can imagine people are now goinig to create new threads when they want support for said hack (and could also post exploits in a new thread if it comes to that). It's your policy I suppose, but I can't see the benefit in closing the support thread. The main thing is to remove the files, which has happened. Just my opinion. :)

noppid 06-21-2005 01:23 AM
Any policy will need refining, but putting the code on hold and trying to avoid the exploit being spelled out till fixes are applied is a good idea.

Erwin 06-21-2005 02:48 AM
Quote:
Originally Posted by Paul M
Um, right ...... I think that's a little far fetched tbh. I can imagine people are now goinig to create new threads when they want support for said hack (and could also post exploits in a new thread if it comes to that). It's your policy I suppose, but I can't see the benefit in closing the support thread. The main thing is to remove the files, which has happened. Just my opinion. :)
Leaving the thread open will lead to members speculating as to what the exploit is - a bright spark will probably inadvertently post it and before it gets removed people would read about it. Like we said - if we get a fix, we will send it to the people who have already installed it (rather than posting it in the open for example). The aim is to do damage control, not to make things worse.

MrZeropage 06-21-2005 08:38 AM
very good !

GraphicW 06-27-2005 12:01 PM
I like the policy and the fact that exploits are not fully discussed in public. I am just glad I have always clicked "INSTALL" and I think this policy will further encourage all members to always click "INSTALL" with every hack they use.

Princeton 06-27-2005 12:28 PM
I think this is a great idea!

I would also encourage the vb.org staff to write a short tutorial on
what to look for, preventing, what is ??, etc, etc

something short and to the point ... at the very least, it will make your job easier


All times are GMT. The time now is 06:17 AM.
Page 3 of 4 12 3 4
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01023 seconds
  • Memory Usage 1,734KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (3)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (3)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete