> > > Or is this totally unethical - love to hear your thoughts
> >
> > I think that it would be wrong to compromise someone else's
> > system, even for ostensibly good goals.
>
> Agreed, but what would be the harm of generating an email to
> webmaster@..., admin@...., and support@... with a link to the
> patch and instructions on how to install it...
>
> Instead of doing it for someone, tell them how to do it. Then
> you might also put a link in said email to a template on your
> server that would perform the correction on their system (assuming
> that it is possible to do that). That way you *know* they approve.
There would be no harm in notifying someone that his computer has been
compromised; in fact, I know quite a few people who are doing that. I'd be
reluctant to build something that could do the installation itself, though -
that's asking for trouble.
Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
voice: (202) 797-5496
fax: (202) 797-5444
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
