[theme-reviewers] Review Ticket 2274

Edward Caissie edward.caissie at gmail.com
Sat Jan 1 20:55:40 UTC 2011


I understand your point of reference, but if a real "hacker" wants to attack
WordPress I would find it very hard to believe they would need to worry
about finding a specific version to define their attack vector. I have faith
in the WordPress developers, and the community at large, to point out any
potential risks and fix them immediately as has been seen in the recent
3.0.x releases.

Given the above, you may suggest the Theme author make the display of the
version number optional (as your own personal recommendation), but having it
display is not an item that would currently stop a theme from being
"approved" to be included in the repository.


Cais.

On Sat, Jan 1, 2011 at 3:41 PM, Daniel Tara <contact at onedesigns.com> wrote:

> Let’s say some bored hacker is googling for “powered by wordpress 3.0.3”.
> It actually returns results.
>
>
>
> *From:* theme-reviewers-bounces at lists.wordpress.org [mailto:
> theme-reviewers-bounces at lists.wordpress.org] *On Behalf Of *Edward Caissie
> *Sent:* Saturday, January 01, 2011 10:39 PM
>
> *To:* theme-reviewers at lists.wordpress.org
> *Subject:* Re: [theme-reviewers] Review Ticket 2274
>
>
>
> How does a public-facing WordPress version create a security issue? It's
> easily found in the meta tags by default.
>
> On Sat, Jan 1, 2011 at 3:36 PM, Philip M. Hofer (Frumph) <
> philip at frumph.net> wrote:
>
> Yeah it does and good eye on that one
>
>
>
>
>
> ----- Original Message -----
>
> *From:* Daniel Tara <contact at onedesigns.com>
>
> *To:* theme-reviewers at lists.wordpress.org
>
> *Sent:* Saturday, January 01, 2011 12:32 PM
>
> *Subject:* Re: [theme-reviewers] Review Ticket 2274
>
>
>
> Hi,
>
>
>
> Ok, I’ll take better care at giving explanations.
>
>
>
> Yes, by default the footer shows “Powered by WordPress 3.1-RC1”. I felt
> that threatens the site’s security.
>
>
>
> Daniel
>
>
>
> *From:* theme-reviewers-bounces at lists.wordpress.org [mailto:
> theme-reviewers-bounces at lists.wordpress.org] *On Behalf Of *Philip M.
> Hofer (Frumph)
> *Sent:* Saturday, January 01, 2011 10:30 PM
> *To:* theme-reviewers at lists.wordpress.org
> *Subject:* Re: [theme-reviewers] Review Ticket 2274
>
>
>
> If you could add to the ticket an explanation why the calling of RSS
> tickets, with automatic-feed-links that'd be great
>
>
>
> One of the things that we've been trying to emphasize is the further
> explanation portion, the why and how part where we're teaching not just
> giving blank solid answers
>
>
>
>
>
> I'm also not sure what you mean by public face the version of WordPress?
> He has WordPress ver. showing up in the footer?
>
>
>
>
>
> ----- Original Message -----
>
> *From:* Daniel Tara <contact at onedesigns.com>
>
> *To:* theme-reviewers at lists.wordpress.org
>
> *Sent:* Saturday, January 01, 2011 12:27 PM
>
> *Subject:* [theme-reviewers] Review Ticket 2274
>
>
>
> Hi,
>
>
>
> Here’s my review for theme iline - 1.0.3
>
>
>
> http://themes.trac.wordpress.org/ticket/2274#comment:2
>
>
>
> Daniel
> ------------------------------
>
> _______________________________________________
> theme-reviewers mailing list
> theme-reviewers at lists.wordpress.org
> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>