1 |
On 02/18/15 13:47, hasufell wrote: |
2 |
> Matt Turner: |
3 |
>> On Wed, Feb 18, 2015 at 9:56 AM, hasufell <hasufell@g.o> wrote: |
4 |
>>> Are you saying you only share the code with your buddies? In that case, |
5 |
>>> it is against our social contract as well. |
6 |
>> |
7 |
I have not shared the code in question with anyone at all, I also happen |
8 |
to have never been on the team that wrote, maintains, and uses is. |
9 |
|
10 |
Knowing a claim is false does not automatically make one the subject of it. |
11 |
>>> Not only that, it is even a serious security problem since the developer |
12 |
>>> community doesn't know how these things are packaged and neither do the |
13 |
>>> users. |
14 |
>> |
15 |
>> There's a serious security problem if they were to release the scripts |
16 |
>> (passwords and all) right this second. |
17 |
>> |
18 |
> |
19 |
> This statement makes me wonder if you really understand opensource (or |
20 |
> even free software). |
21 |
> |
22 |
> Maybe the recruitment quizzes need to be fixed in this regard. |
23 |
> |
24 |
While embedding authorization tokens in a script is not exactly in |
25 |
keeping with best practices, implying that the only concern in |
26 |
publishing a script which you have been told includes such tokens is |
27 |
your own desire for it to be published is at best ignorant. As such, you |
28 |
would appear to be in dire need of basic information security training. |