[theme-reviewers] malicious code found in a theme in the codex

Clara Choi me at clarachoi.net
Sun Feb 27 07:07:33 UTC 2011


I agree that it's not a big concern, but no one is going to know that there
are problems, if there's sort of no record of it over time, I agree with
chip's idea of flagging it.

Would it not be easy enough to move malicious themes to a subdirectory like
contains_malicious_code or something so whoever is looking through svn
knows. This would fix the google indexing problem.

Cheers,
Clara Choi


On Fri, Feb 11, 2011 at 8:12 AM, Philip M. Hofer (Frumph) <philip at frumph.net
> wrote:

>  I'm going to agree with Mike on this one it's just not something even
> worrying about, it's inherit if the person goes through the trouble to find
> the svn's for things not publically accessable then they are just going to
> have to take on the consequences
>
>
>
> ----- Original Message -----
> *From:* Mike Little <wordpress at zed1.com>
> *To:* theme-reviewers at lists.wordpress.org
> *Sent:* Friday, February 11, 2011 3:58 AM
> *Subject:* Re: [theme-reviewers] malicious code found in a theme in the
> codex
>
> On 10 February 2011 17:02, Edward Caissie <edward.caissie at gmail.com>wrote:
>
>> I know there "are a lot of things" in the SVN that could be bad if someone
>> did go to the trouble of checking them out then installing them wherever ...
>> just putting the idea out there for discussion on whether or not those
>> themes should be addressed in some fashion.
>>
>>
> Don't forget that every old version of every checked-in theme file is
> available on subversion too; including security bugs and every bit of bad
> code, . This is the nature of open code repositories and should remain so.
>
> I don't think there is any point even thinking about this.
>
>
> Mike
>
>  ------------------------------
>
> _______________________________________________
> theme-reviewers mailing list
> theme-reviewers at lists.wordpress.org
> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>
>
> _______________________________________________
> theme-reviewers mailing list
> theme-reviewers at lists.wordpress.org
> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wordpress.org/pipermail/theme-reviewers/attachments/20110227/ea5b2403/attachment-0001.htm>


More information about the theme-reviewers mailing list