> - this person wants to improve security of drupal > - he made a patch, that maybe wasn't accepted or he was disapointed with > the procedures of the community
He made a patch? > -> so what's wrong with the person? Check his site. Maybe the fact that he never posts a fix on the issues he discloses (i might have missed some)? And his disclosures include precise, step-by-step exploits? That's not so nice, is it? Regards NK
