Drupal is actually quite dangerous. It's been known to cause muscle mass to randomly atrophy. A strange phenomenon indeed.
But, if you're willing to risk the randomly reduced muscle mass, there is one particular "safety" issue that stands out to me as a new drupal module developer. There seems to be some built-in (if the coder follows drupal coding standards) protections against SQL injection attacks. This is good because it's hard to recover a screwed up database.
As far as other security issues, I'm not sure. I've only been working with drupal for a few weeks...
Core seems safe enough (or rather, as safe as any other). However, as a new user myself, I do have the same question to ask about modules. Since Drupal comes with little basic core functionality, a large number of modules is required to develop a site. I wonder how safe the modules are, and whether they are tested?
The security team works with module developers who have bypassed Drupal's built in protection measures and opened up users to possible attacks. You can subscribe to the security mailing list to be notified when these types of issues get resolved. This helps you stay up to date with the latest security fixes.
Drupal has folks working to protect against XSS, SQL injection, form/session hijacking (maybe there's a better word here), and idiot mistakes. I feel confident in the software and the team... so confident if it screws up your site, I'll let you take me out to dinner!
Comments
Not so safe...
Drupal is actually quite dangerous. It's been known to cause muscle mass to randomly atrophy. A strange phenomenon indeed.
But, if you're willing to risk the randomly reduced muscle mass, there is one particular "safety" issue that stands out to me as a new drupal module developer. There seems to be some built-in (if the coder follows drupal coding standards) protections against SQL injection attacks. This is good because it's hard to recover a screwed up database.
As far as other security issues, I'm not sure. I've only been working with drupal for a few weeks...
Thanks,
Caleb
http://www.education-finder.net
Visit:
Visit: http://drupal.org/security
Core seems safe enough (or rather, as safe as any other). However, as a new user myself, I do have the same question to ask about modules. Since Drupal comes with little basic core functionality, a large number of modules is required to develop a site. I wonder how safe the modules are, and whether they are tested?
The security team works with
The security team works with module developers who have bypassed Drupal's built in protection measures and opened up users to possible attacks. You can subscribe to the security mailing list to be notified when these types of issues get resolved. This helps you stay up to date with the latest security fixes.
Drupal has folks working to protect against XSS, SQL injection, form/session hijacking (maybe there's a better word here), and idiot mistakes. I feel confident in the software and the team... so confident if it screws up your site, I'll let you take me out to dinner!
----------------------
Drupal by Wombats | Current Drupal project: http://www.ubercart.org