(03-20-2015, 05:10 AM)Me.B Wrote:(03-20-2015, 05:00 AM)KwiceroLTD Wrote: Well, I never said not everyone cared about security, it's clear ballen doesn't care about security.
It's time for Sentora to stop using fork of already vulnerable code, to spend a weekend, and just crack out a completely recoded version, otherwise you're just expanding and in-the-end creating more vulnerabilities rather than patching them.
Not so true. We can fix all the issues that were raised over permissions/CGI/Zsudo in easy way. This had been discussed in internal section and lined up plans/solutions.
It's easy to start a new project for some than fixing the existing. I don't believe that. For many reasons:
1. When you write a new panel you might make the same pitfalls same as before even if it's a different developer. You will use the same permissions, way of coding.
2. What to say to all zpanel users? Or current sentora users? Hey guys you know what panel can't be fixed run away and use another panel? No sorry it can be fixed and we will fix it despite all the bad press we could get.
Security might not be perfect but with feedback (I've been calling for feedback since month's in low end and all I got is bashing and now one able to make a serious review!).
M B
As stated over at LET by a member, Sentora had a chance to change and get rid of bad ZPanel reputation, and instead got it all back again.
My opinions are mine and mine alone. They do not reflect the opinions of my company, staff, and it's affiliates.
