News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Brian Teeman's Blog:
Can you trust your Joomla extensions?
November 05, 2009 @ 11:01:57

In a recent post to his blog Brian Teeman asks the question of Joomla users and developers - "can you trust your Joomla extensions?"

Sadly in the last 6 months there have been two published circumstances where an extension provider has been hacked and malicious code inserted into the extensions that they offer. This meant that as soon as you installed the extension your site was vulnerable to defacement etc. If there have been two published cases perhaps there have been more that we don't know about. So is there anything we can do to prevent this?

There is a sort of checking system in place with the md5sum matching but it's not widely supported currently. Sites like the Joomla Extension Directory would be prime candidates for sharing this sort of information to help protect those with Joomla installs all across the web.

Brian also suggests a way to make it even more seamless - integrate the md5sum checking into the Joomla code itself to make it even simpler for users to verify they they've gotten the write package from the right source (with the right code inside).

0 comments voice your opinion now!
joomla extension trust md5sum check


blog comments powered by Disqus

Similar Posts

Ibuildings techPortal: New Memcached Extension for PHP

Zend.com: Eclipse Announces Latest PHP Development Tools (PDT)

IBuildings techPortal: Profiling with XHProf

Bertrand Mansion's Blog: PHP with Itnl and Gettext on OSX Lion

Marcelo Araujo's Blog: my first extension - filter_ptBR


Community Events





Don't see your event here?
Let us know!


library opinion security voicesoftheelephpant symfony update language introduction release framework series laravel community interview mvc composer version package podcast tool

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework