Discuss mailing list

[Caleb Langeslag <takyoji AT gmail.com>]

On Sun, Feb 6, 2011 at 7:30 PM, Larry Brower <larry AT maxqe.com> wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 02/06/2011 07:04 PM, Caleb Langeslag wrote:
> I completely forgot there even was a forum in the Joomla installation.
> If we rid of the Joomla installation, I can just migrate everything
> (posts, topics, users) to a phpBB3 installation, and write something to
> bridge authentication from the Wikka Wakka installation to phpBB3 (so
> that people wouldn't need an account for the forum, and another account
> for the wiki).
>

Would it not make sense though to use something with less security
issues than PHPBB3 ? Perhaps VB or IPB? I think even SMF has less
problems than PHPBB3

Have you even administrated a phpBB3 installation? Also I have no f-ing clue where you're getting the poor security history idea from. Here's a simple little comparison:

phpBB3: http://secunia.com/advisories/product/17998/?task=advisories

    History: 

        4 less-critical vulnerabilities, 

        1 moderate critical. 

        No vulnerabilities are unpatched.

vBulletin 3: http://secunia.com/advisories/product/3212/?task=advisories

    History: 

        2 not-critical exploits, 

       13 less-critical vulnerabilities (2 unpatched still)

        9 moderately-critical 

        2 highly-critical (4, if you consider each vulnerability separate, since the two reports are of two vulnerabilities)

Also, I don't see what the benefit of a proprietary forum solution (vBulletin or IPB) would be. And feel free to prove me wrong by writing an extension for either vBulletin or IPB to bridge authentication from a Wikka Wakka installation.