On 7/10/07, Ed Leafe <[EMAIL PROTECTED]> wrote: > On Jul 10, 2007, at 9:20 AM, Uwe Grauer wrote: > > > I didn't have to take a look at it before complaining. > > I think that it doesn't belong into a desktop application framework. > > Well, then, I guess I'll put as much thought into my reply as you > did in your complaint.
I can see Uwe's POV. I am not really a big fan of autoUpdate features. That said, I am not for the inclusion into the framework, but will support it in say the tools directory. As far as the security vulnerability that it represents, I am not certain how severe it is (or if it is insecure enough to be classified as a security vulnerability) because I haven't taken a looked at the code yet. Please make sure the feature is off by default. I like to keep getting updates from subversion, but this may be good way for people coming from a visual VFP perspective to grab the updates. I know that there has been confusion in the past about using svn. So, I get to sum things up I am pretty neutral about the feature. I will not use it, but I can see the enormous benefit that it would provide to people coming from a visual programming style. At the same time, I am concerned about ways to exploit this system for malicious purposes. However, I think this issue can be addressed quite satisfactorily. I would alert the user that updates are available and ask whether they want to update it though (so as it not piss anyone off by connecting and downloading unknowingly) I figured I do a more in depth response because all of the bantering was not productive. Ed, can you comment on the security of the system? Uwe, can you please provide a better explanation of your complaint. Is it just the security that you are worried about? Is it the fact that it might download stuff on it's own? Cheers, Nate L. > > -- Ed Leafe > -- http://leafe.com > -- http://dabodev.com > > > > [excessive quoting removed by server] _______________________________________________ Post Messages to: [email protected] Subscription Maintenance: http://leafe.com/mailman/listinfo/dabo-dev Searchable Archives: http://leafe.com/archives/search/dabo-dev This message: http://leafe.com/archives/byMID/dabo-dev/[EMAIL PROTECTED]
