[theme-reviewers] malicious code found in a theme in the codex

fris fris at fris.net
Thu Feb 10 19:06:22 UTC 2011


The only reason I posted that is I had a client who downloaded a theme off a
site and it had the same code, and I searched on google, for the function
and the first result came up as a svn link, maybe a way to add to google
results as a description of some sort so no one downloads it.

 

Just an idea.

 

From: theme-reviewers-bounces at lists.wordpress.org
[mailto:theme-reviewers-bounces at lists.wordpress.org] On Behalf Of Chip
Bennett
Sent: Thursday, February 10, 2011 11:49 AM
To: theme-reviewers at lists.wordpress.org
Subject: Re: [theme-reviewers] malicious code found in a theme in the codex

 

I'm actually fine with leaving it in SVN, for reference/posterity.

 

But, is there some way that we could flag it, so that anyone attempting to
access it in SVN is warned that the Theme contains malicious code?

 

Chip

On Thu, Feb 10, 2011 at 10:46 AM, Otto <otto at ottodestruct.com> wrote:

On Wed, Feb 9, 2011 at 4:57 PM, Edward Caissie <edward.caissie at gmail.com>
wrote:
> Otto -
>
> Should we consider having this theme (and similar ones) removed from the
SVN
> repo? Just as a safety precaution if nothing else ... unless there is a
way
> to "hide" it from the public view.

I don't currently have direct access to the SVN (I can get it, if
needed), so I can't actually go and remove things from it.

But honestly, do you think it's really worth the trouble? It's in the
SVN, but so are a lot of things. The SVN is mainly just storage. If
it's not in the themes directory, then it's not really visible or
installable from WP itself. You have to go to a fair amount of trouble
to pull code from the SVN and install it.

-Otto

_______________________________________________
theme-reviewers mailing list
theme-reviewers at lists.wordpress.org
http://lists.wordpress.org/mailman/listinfo/theme-reviewers

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wordpress.org/pipermail/theme-reviewers/attachments/20110210/2e1ae990/attachment.htm>


More information about the theme-reviewers mailing list