[BangPypers] [ANN][X-Post] SciPy India conference in Dec. 2009
Kenneth Gonsalves
lawgon at au-kbc.org
Thu Oct 8 01:31:13 CEST 2009
On Wednesday 07 Oct 2009 3:38:25 pm Noufal Ibrahim wrote:
> On Wed, Oct 7, 2009 at 3:16 PM, Kenneth Gonsalves <lawgon at au-kbc.org>
> wrote: [..]
>
> > django, plone has about one issue every two years - usually minor and not
> > affecting anything critical. There is something radically wrong in a
> > software that gets one core critical issue a month (even then drupal is
> > better than wordpress that churns out such things 2 or 3 times a
> > month).[..]
>
> One thing to consider is that the number of deployed installations of
> PHP based CMSs like Drupal and Wordpress is much MUCH higher than the
> Python based ones like Plone. That alone will skew the numbers quite a
> bit.
>
> There are cases of course where the software itself was not designed
> with security in mind perhaps for an earlier era (eg. Sendmail) where
> the number of exploits is quite high but I don't think Drupal falls
> into this category.
>
> Your comment however begs the question - do you feel that one of the
> reasons why Drupal is 'insecure' because it's coded in PHP?
frankly I have no idea - apart from the empirical observation that most PHP
apps have security pages/mailing lists and most python apps do not have them.
--
regards
Kenneth Gonsalves
Senior Project Officer
NRC-FOSS
http://nrcfosshelpline.in/web/
More information about the BangPypers
mailing list