Mailing List Archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] Dealing with software with wide attack surface

On Sat, Aug 28, 2021 at 03:54:47PM +0100, Darren Cook wrote:
> If you are going to automate updates, it is worth considering that the
> "attack surface" is no different between 113 modules and a single
> module: someone could build a module that hard-codes all the others.
> Obviously that module still has all the same flaws.
> [..]


> >  Or I write code which constantly checks if there are
> >   updates for these php modules.
> That bit, at least, is trivial: run `composer update` in a cronjob.

Right.. but I put less trust in the modules being properly main-
tained than in the packages of the Linux distro below..


Home | Main Index | Thread Index