David Harris writes:
>
> Sam [mailto:[EMAIL PROTECTED]] wrote:
> > I presume then you leave your telnet port open on your servers because,
> > after all, it is secure.
>
> I presume you never make a mistake programming.
>
> You can't have it both ways. If you place the following disclaimer on your
> SqWebMail site, please don't get ticked off when people don't want to use your
> code because it is set-uid root.
>
> "This is alpha code. It may crash. Your hard drive
> may catch fire as a result of using this CGI client.
> It may not work at all. It may work, but have a
> security hole or exploit, somewhere."
>
> ...or you don't stand behind that disclaimer and have no problem being
> personally liable for any security exploits your software might have?
If it's good enough for Microsoft, it's good enough for me. If I lifted
the exact verbiage from their End User License Agreement (any actual
product, pick your favorite), and used it instead, would that make you feel
more comfortable?
The problem with that is that both of them are completely identical, once
you strip away the legalese in MS EULA.
The real answer is that I wrote that paragraph about six months ago.
Revising that paragraph is probably the last on my list of priorities.
--
Sam
