News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Brian Teeman's Blog:
Can you trust your Joomla extensions?
November 05, 2009 @ 11:01:57

In a recent post to his blog Brian Teeman asks the question of Joomla users and developers - "can you trust your Joomla extensions?"

Sadly in the last 6 months there have been two published circumstances where an extension provider has been hacked and malicious code inserted into the extensions that they offer. This meant that as soon as you installed the extension your site was vulnerable to defacement etc. If there have been two published cases perhaps there have been more that we don't know about. So is there anything we can do to prevent this?

There is a sort of checking system in place with the md5sum matching but it's not widely supported currently. Sites like the Joomla Extension Directory would be prime candidates for sharing this sort of information to help protect those with Joomla installs all across the web.

Brian also suggests a way to make it even more seamless - integrate the md5sum checking into the Joomla code itself to make it even simpler for users to verify they they've gotten the write package from the right source (with the right code inside).

0 comments voice your opinion now!
joomla extension trust md5sum check


blog comments powered by Disqus

Similar Posts

Anthony Ferrara: Thoughts On PECL Frameworks

TopWebNews.com: Web Services and PHP

Matthew Turland's Blog: Log Analysis and PHP

Zend Developer Zone: PHP Built in Input filtering

Pierre-Alain Joye's Blog: Zip 1.8.7, safemode and open_basedir fixes


Community Events





Don't see your event here?
Let us know!


introduction series update package opinion deployment symfony interview api list release install zendserver language podcast laravel library tips community framework

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework