Greymatter 1.3


After using Greymatter as the content management system for this site for a couple years, I wound up getting interested in what was going on under the covers. I never really cared before, because the script just worked. I had looked into it enough to know it was written in baby talk Perl, and not altogether well-optimized, but it functioned beautifully and never let me down.

Then a bunch of goofballs figured out a way to exploit a vulnerability in the way the script handled PHP tags. A clever person figured out that GM's combination of weak input validation and world-writeable directories makes it possible to do some fairly nasty things to someone with a .php extension who allows comments. So I patched up my copy (copies by then--I had a Greymatter 1.21b and a 1.21c running) once I caught wise to what was going on.

Eventually I found myself at the Greymatter forums, where there was some additional discussion of the vulnerability, and much anguish over its effects. I decided to improve my patch, and contribute it. That's the beauty of open source--if you don't like the prog, submit a patch. A philosophy I can deal with.

Well, I never knew what hit me. I seem to be a maintainer now of this script that has seen no development in over two years. And together with flipped cracker from the Greymatter forums, we put together a 1.3 release that should knock everyone's socks off. We fixed lots of bugs. We improved the installation. We added new config options and integrated several popular mods. We fixed the noxious security issues in a robust way. We improved the docs. We enhanced the upgrade routine.

And I've been using the 1.3 "release candidate" on this site for a couple weeks and it works well. I've done a ridiculous amount of testing, possibly the most testing anyone's done on Greymatter. So, we're gonna release it. As soon as flipped cracker is happy with it, we're going to put out the first new version of Greymatter in a very long time. A lot of other tools are available now, but this one has a bit of life left in it I think.

