I apologize for this email; I jumped to a false conclusion and made a baseless accusation. I now have no reason to believe that weblily poses a risk.
I'm sorry. - Graham Percival On Wed, Mar 10, 2010 at 08:21:24PM +0000, Graham Percival wrote: > Mr. Weblily, > > I like your enthusiasm with your weblily project, but for Mao's > sake please learn something about computer security. The current > website is completely insecure. > > This is not a theoretical concern. It would take me approximately > two minutes to delete everything in your /home/lily/ directory -- > not just material in /home/lily/scores/. > > > I wouldn't do this, of course -- but if a non-expert like me could > do this so quickly, I'm certain that an experienced and malicious > hacker could do far worse. Such as taking over your machine and > using it to attack other websites, distributing child porn, or > whatever. > > If you want to continue to run your project without any regard for > security, that's your business, but I want it understood that > YOU HAVE COMPLETELY DISREGARDED ALL COMMON SENSE AND HAVE NOT READ > THE MATERIAL ABOUT SECURITY IN OUR DOCUMENTATION. YOU RUN > LILYPOND IN THIS FASHION COMPLETELY AT YOUR OWN RISK, AND IF THE > GERMAN EQUIVALENT OF THE FBI COMES KNOCKING ON YOUR DOOR ASKING > WHY YOU ARE DISTRIBUTING RIPS OF HOLLYWOOD MOVIES OR PIRATED > COMMERCIAL SOFTWARE, YOU CANNOT BLAME LILYPOND. > > The internet is not a playground. If you're going to hand > complete control over your server to other people, you might not > like the consequences. > > - Graham Percival _______________________________________________ lilypond-user mailing list [email protected] http://lists.gnu.org/mailman/listinfo/lilypond-user
