Actually, that's how security vulnerabilities are normally handled in the Ruby on Rails world.

What, you think I'm joking? Think again: http://arstechnica.com/business/2012/03/hacker-commandeers-g...