Hi,

Does anyone have opinions based on how secure these content management systems are?

Drupal
Nucleus
Geeklog

Thanks.

Security here is a product of two factors: the script quality and the underlying platform.

As for the scripts: the undelying PHP engine, Apache and Mysql suffer from the same vulnerabilities as all other components of a system. Mainly buffer overflow vulnerabilities. But there's no big deal if you maintain properly and keep your server behind a firewall.
The scripts you mentioned seem okay. I can't recall having read alerts the last month (last few weeks there were some vulnerablities reported on EZpublish, Xoops and Postnuke, most of them are cross site scripting errors).

For the platform: well, I suppose that securing a Windows or linux box is not a secret to you.

My secret tricks :D
I'm running e-smith (.org) as my internetserver (it's a stripped and hardened red hat linux, dedicated to be a firewall and web/mail server).
It's very simple to install whatever script you want in one of the webroot directories (primary web root and the web root in so called ibays).

My cms: e107 (.org). It's code is very small and of a very high standard (as I'm led to believe) and the community there is very responsive :-*
But then again, as always, there's no perfect solution and you may well go for drupal or so.


(no please don't... go for e107 ;) )