Tim Perdue <[EMAIL PROTECTED]> tapota : > Elfyn McBratney wrote: > >>>Le lun 12/04/2004 à 12:32, Lorenzo Hernandez Garcia-Hierro a écrit : >>> >>>>Hi, >>>>I've to tell you about this: >>>>http://www.tuxedo-es.org/seguridad/GForge-1.xhtml > > It appears that Lorenzo's so-called "security exploits" list was > little more than a politically-motivated smear campaign. No wonder he > was so interested in publishing his "findings" - he has political ties > to the savane project.
Lorenzo is known to the project Savane since less than a month. In other words, he has no specific binds that could justify a "smear campaign". If I correctly understood his motive in such report is the fact that he heard that gforge would supposedly be more secure than Savane. It just turns out that gforge got the same problems than Savane (most notably the register_globals issue). Nothing really awful, but it clearly shows that people talking about "security" problem and Savane have lost touch with reality, and are the ones endorsing a smear campaign for reasons that remains to be analysed. Fortunately, nobody ever made such claim publicly. The only reproach you can make about Lorenzo work is the fact that he spent time to proves that foolish talks were foolish. It is more efficient to first let people telling nonsense explaining how what they said could be something else than nonsense. But Lorenzo is not doing any harm by not using the most inefficient way to question some ideas. I notice for the second time the usage of the word political in a strange sense in Tim Perdue's writings. The Savane project have no specific policitical purpose, apart from being Free Software. So the only political bind someone can have with Savane is being part of the Free Software spirit. In other words, when Tim Perdue suggest that Lorenzo is dishonnest because of "political ties to the Savane project", he suggests that Lorenzo is dishonnest because of political ties to Free Software. One more time, Tim Perdue's writing looks like anti-Free Software. I will not comment further that point. But I am not sure there is any interest in this discussion. After all, the ones that make decisions are not here. And there is nothing to think about because nothing is said. Regards, -- Mathieu Roy +---------------------------------------------------------------------+ | General Homepage: http://yeupou.coleumes.org/ | | Computing Homepage: http://alberich.coleumes.org/ | | Not a native english speaker: | | http://stock.coleumes.org/doc.php?i=/misc-files/flawed-english | +---------------------------------------------------------------------+
