cthulhain wrote:
>
> On Mon, 6 Nov 2000, Geir Torstein Kristiansen wrote:
>
> > Geir Torstein Kristiansen wrote:
--snipped--
> >
> > It's gone about one week now since I asked this question on the list. I
> > am wondering if the blackbox developers have anything to say about this.
> > Is this something that is on your TODO list for future blackbox versions
> > or is it something that you don't care about at all?
> >
>
> i'll say something about this.
>
> first of all, there's no cause for concern if you simply audit your style
> files before using them. it's a very easy thing, nothing more than
> 'grep -i rootcommand <style>'
>
> secondly, if you run x as root, you deserve what you get.
>
> i don't really see this as being a problem. there is potential danger in
> just about anything you install on your unix/unix-like system. do you
> always look through the source code you compile to check for back doors or
> destructive shell commands? if you use binaries, are you sure you can
> trust the people who compiled them? how paranoid do you want to be?
>
> somewhere along the line you are trusting someone, and most of the time
> your trust is well-placed. with blackbox style files, you don't even have
> to trust, because you can easily check them yourself.
>
> that's my take on it.
>
> cheers,
Sure, but it would be a lot more convenient if the style files did not
have to be audited. Does bb.themes.org for instance audit blackbox style
files, before they release them?
--
__ __
___ _/ /_/ /__
/ _ `/ __/ '_/
\_, /\__/_/\_\ Geir Torstein Kristiansen
/___/--------------------------------------
