On 1/8/07, MacGyverMagic/Mgm macgyvermagic@gmail.com wrote:
What's the point of showing everyone the code? Are we afraid the owner is going to abuse the bot?
Mgm
On 1/8/07, Steve Bennett stevagewp@gmail.com wrote:
On 1/8/07, James Hare messedrocker@gmail.com wrote:
I can imagine how that can be benefit; it'd allow for public auditing
of
the
code.
Problem is, if you let everyone see it, you let EVERYONE see it --
even
the
people who will take a look at it and figure out how to compromise the
bot.
Yup. Historical consensus is that the advantages outweigh the disadvantages. See [[Security through obscurity]].
Steve
WikiEN-l mailing list WikiEN-l@lists.wikimedia.org To unsubscribe from this mailing list, visit: http://lists.wikimedia.org/mailman/listinfo/wikien-l
No, (if the owner was going to abuse it, he might as well do it on her own account, since he'd be desysopped and banned either way). We want it released because it's good if a lot of people review the code so more people can spot potential weaknesses, and fix them.