NinjACL Internal Alpha Test Phase Begins Now
Some Background
NinjACL is a fork of ByOS Tech's JACLPlus component. I reorganized the whole source code and kept an eye on memory consumption, parser friendliness and system security. I really do not understand why
left the component's admin section fully vulnerable to [1] Cross Site Request Forgery (CSRF) attacks.
Given the fact that one [2] cannot really secure a web application against such attacks, web developers have to take measures to harden network-listening software as best as they can! And given the next fact, that the Joomla!™ Core team has released security patches, namely version 1.0.15, we do not even have to reinvent the wheel! We only need to take care of.
I believe that the release of NinjACL is one of our greatest efforts in customer care and system security. We will certainly keep our eyes on our other Keepers too.
[1] Cross Site Request Forgery
[2] Using Prism To Administrate Joomla Safer
3 comments, 1 trackback
What are you looking for in terms of testing/testers?
- Steve
Bookmarked your post over at Blog Bookmarker.com!
I need you, or rather us Ninjas, to simulate well-known situations where Access Control is needed. So I would be happy if we could simulate and test such environments, maybe in conjunction with other extensions too.
For now I only do tests on the functionality and programming errors of the extension.
Best Regards
Uwe