Secure Domain/capabilities in Joomla Framework version 2

This board is for discussions about joomla.org blog posts.
Forum rules
Global Rules
sriz786
Joomla! Apprentice
Joomla! Apprentice
Posts: 20
Joined: Sun Feb 18, 2007 5:40 am

Secure Domain/capabilities in Joomla Framework version 2

Postby sriz786 » Thu Feb 12, 2015 8:46 pm

http://developer.joomla.org/news/603-fr ... admap.html

Based on above announcement, I am deeply confused even frustrated that Security domain and capabilities are not taking into account for Joomla Framework ver2.

Online companies, organizations, individuals are constantly getting hacked and their information is up for the grabs because secure domains and requirements are not considered when building applications and online/mobile presence.

What is Joomla leadership and technology teams doing to address security in the Joomla Framework and Joomla CMS.

Please advise.

Kind regards,

Rizwan

User avatar
alikon
Joomla! Champion
Joomla! Champion
Posts: 5938
Joined: Fri Aug 19, 2005 10:46 am
Location: Roma
Contact:

Re: Secure Domain/capabilities in Joomla Framework version 2

Postby alikon » Fri Feb 13, 2015 5:25 pm

as reported on the roadmap

"We welcome feedback and discussion .......
.... If you would like to comment on this proposal, we invite you to participate on this thread on the Framework's Google Group
"
Nicola Galgano
i know that i don't know
www.alikonweb.it

User avatar
mbabker
Joomla! Hero
Joomla! Hero
Posts: 2027
Joined: Sun Feb 28, 2010 8:26 pm
Location: White Bear Lake, MN, USA
Contact:

Re: Secure Domain/capabilities in Joomla Framework version 2

Postby mbabker » Sat Feb 14, 2015 1:46 am

Would you care to elaborate on what you're referring to specifically?

As far as building an application via the Framework goes, a tool that isn't offered is an ACL system to limit user behaviors within the application (however there are plenty of alternatives in the PHP marketplace). This feature obviously exists in the CMS.

There are tools in place to enable developers to encrypt data via the Crypt and Keychain packages (with similar classes in the CMS) and the application classes support HTTPS based connections.

Compared to other framework and CMS stacks in the PHP marketplace, I'd say that what Joomla offers out of the box is on par with other vendors as far as providing various tools goes. Without knowing specifically what you feel needs to be addressed in our code base, it's difficult to give any additional feedback.
Production Department Coordinator, Release Lead, CMS Maintainer, Framework Maintainer, Security Team Member, .org System Administrator

Manually updating Joomla? See https://gist.github.com/mbabker/d7bfb4e1e2fbc6b7815a733607f89281

sriz786
Joomla! Apprentice
Joomla! Apprentice
Posts: 20
Joined: Sun Feb 18, 2007 5:40 am

Re: Secure Domain/capabilities in Joomla Framework version 2

Postby sriz786 » Mon Dec 05, 2016 4:41 pm

Good day all,

Does Joomla development team uses secure development platform for secure coding practices and testing code for secure development?0

There are automated tools like Veracode and HP Fortify" In addition look at below Google announcement and resource. Thank you!

https://testing.googleblog.com/2016/12/ ... zzing.html

My hope is that Joomla will stand out for its resilient and secure coding for online communities and E-Commerce capabilities.

Sincerely,

jackB2010
Joomla! Fledgling
Joomla! Fledgling
Posts: 1
Joined: Wed Oct 11, 2017 12:09 pm

Re: Secure Domain/capabilities in Joomla Framework version 2

Postby jackB2010 » Wed Oct 11, 2017 12:16 pm

thank


Return to “Community Blog Discussions”

Who is online

Users browsing this forum: No registered users and 2 guests