On 1/8/07, MacGyverMagic/Mgm <macgyvermagic(a)gmail.com> wrote:
What's the point of showing everyone the code? Are we afraid the owner is
going to abuse the bot?
Mgm
On 1/8/07, Steve Bennett <stevagewp(a)gmail.com> wrote:
On 1/8/07, James Hare <messedrocker(a)gmail.com> wrote:
> I can imagine how that can be benefit; it'd allow for public auditing
of
the
> code.
>
> Problem is, if you let everyone see it, you let EVERYONE see it --
even
> the
> > people who will take a look at it and figure out how to compromise the
> bot.
>
> Yup. Historical consensus is that the advantages outweigh the
> disadvantages. See [[Security through obscurity]].
>
> Steve
>
> _______________________________________________
> WikiEN-l mailing list
> WikiEN-l(a)lists.wikimedia.org
> To unsubscribe from this mailing list, visit:
>
http://lists.wikimedia.org/mailman/listinfo/wikien-l
>
No, (if the owner was going to abuse it, he might as well do it on her own
account, since he'd be desysopped and banned either way). We want it
released because it's good if a lot of people review the code so more people
can spot potential weaknesses, and fix them.