Philip Brown wrote:
On Fri, Jul 24, 2009 at 11:08:04AM +0200, Trygve Laugstøl wrote:
If the code can't be shown to the world without being a security risk,
and Phil doesn't believe that we can write secure code, I'd like to
replace the application with something that we all can work on and
extend.
There is no "*THE* application".
Additionally pretty much any web application, reguardless of language, has
the potential for security holes. So changing the framework, does not
definitively eliminate the underlying problem here.
This shows a fundamental non-understanding of what is going on in our web
space (and security, for that matter).
It's impossible for us to know what's the current issue with the current
application when your entire reply is "security".
I don't see how it should be hard to write a secure application to show
the information that we currently display on the site.
Just as people who arent actually maintaining packages, should not get to
tell active maintainers how to package... I think that people who arent
actually DOING WEB WORK, should not be telling those who are, how to do it.
It's a good thing that I do web development for a living then so I have
the right to speak.
If people want to actually do work, then great! please speak up with what
area you want to work on. Then after that, talk about how you think the
working environment could be improved.
I'd like to improve the package info page, the first thing would be to
remove the "doesn't work yet" comments etc.
--
Trygve
_______________________________________________
maintainers mailing list
[email protected]
https://lists.opencsw.org/mailman/listinfo/maintainers
