On Dec 19, 2006, at 12:16 AM, Brian Chess wrote:
My question is, would you like to allow outsiders to go through
results and
help sort the real bugs from the chaff? The upside is that
volunteers may
perform useful work and that it may be another avenue to get people
involved
with the code. The down side is that things like XSS in admin
pages may
lead them to make more ruckus than is really appropriate.
Are there any security concerns (I think your original intro said you
don't generally share w/ the public) of having others involved? That
is, could we be publishing information that could make a Lucene
application vulnerable or is really just a "ruckus" issue? Part of
me thinks that b/c the code is freely available, people could find
the security issues anyway, so we aren't really protecting ourselves
anyway by denying access.
Thanks, btw, for the account and for setting this up.
--------------------------
Grant Ingersoll
Center for Natural Language Processing
http://www.cnlp.org
Read the Lucene Java FAQ at http://wiki.apache.org/jakarta-lucene/
LuceneFAQ
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
