The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
 |
From: Omry Yadan <o...@yadan.net>
Date: Sun, 23 Sep 2007 11:52:13 +0300
Local: Sun, Sep 23 2007 4:52 am
Subject: Re: [wp-hackers] Plugin update & security / privacy
1. no need to even send the version to know there is a need to update
(just get the latest version number and compare to the current version). 2. if wp send information about the blog, the users should be aware of Moritz 'Morty' Strübe wrote: _______________________________________________ > I know this will not change until Monday, but is it really necessary to > transmit the URL? Wouldn't the md5 of the URL do? I know it's easy to > find WP-Blogs via google. But imagine have them all nicely in a database > - All of them. Including version, plugins and so on. If that database > gets public and you find a security bug in one of the plugins - there > are enough - you can start a _very_ effective attack! > -> update.php:85 $http_request .= 'User-Agent: WordPress/' . > Cheers > _______________________________________________ wp-hackers mailing list wp-hack...@lists.automattic.com http://lists.automattic.com/mailman/listinfo/wp-hackers You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
| |||||||||||||