Let only the sheer number of struts user who downloaded the release candidates prior to the final. If there was malicious code in Struts, it wouldn't have taken long for several users to have identified it, and screamed loudly on this list and on the developers list. I would rather use a product that has had a world-wide community of people looking at, than a closed product (i.e. ANYTHING from M$). Look at the constant stream of security flaws in Windoze - don't you think that if a several thousand users could dig through Windoze, we might find more than a few of these BEFORE they are exploited by those with less than honorable intentions?
my $.02 Jerry Jalenak Team Lead, Web Publishing LabOne, Inc. 10101 Renner Blvd. Lenexa, KS 66219 (913) 577-1496 [EMAIL PROTECTED] > -----Original Message----- > From: Steve Raeburn [mailto:[EMAIL PROTECTED] > Sent: Thursday, September 11, 2003 11:58 AM > To: Struts Users Mailing List > Subject: RE: YASJR, Part Duex > > > Well I would say that software the passed QA containing > malicious code was > faulty! > > My point was that your company should trust you to judge the > quality of the > code you're working with - wherever it comes from - and that > you should have > a reasonably high degree of confidence in Struts code because: > > 1) You can review the code yourself. > 2) Thousands of other developers also review the changes. > 3) The committers review changes. > 4) Only a small number of people actually have commit access. > > Good luck with your project! > > Steve > > > > -----Original Message----- > > From: Gregory F. March [mailto:[EMAIL PROTECTED] > > Sent: September 11, 2003 8:51 AM > > To: Struts Users Mailing List > > Subject: Re: YASJR, Part Duex > > > > > > > > On Sep 11, 2003, "Steve Raeburn" <[EMAIL PROTECTED]> wrote: > > > > |Who do they sue if the code you've written in-house is faulty? > > > > Faulty code was not what I was referring to. Malicious code, hacks, > > timebombs, etc. was. In the case of "in house" > maliciousness, you lose > > your job, lose benefits and legal action will be taken > against you. In > > the case of external maliciousness, restitution for damages > will usually > > be sought. > > > > Quality is another issue, and I can defend struts pretty > well on that > > front. > > > > In any case, I think this is digressing. I've gotten some > great points > > from all of you - thanks!! > > > > Cheers, > > > > /greg > > > > -- > > Gregory F. March -=- http://www.gfm.net:81/~march -=- > > AIM:GfmNet > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > This transmission (and any information attached to it) may be confidential and is intended solely for the use of the individual or entity to which it is addressed. If you are not the intended recipient or the person responsible for delivering the transmission to the intended recipient, be advised that you have received this transmission in error and that any use, dissemination, forwarding, printing, or copying of this information is strictly prohibited. If you have received this transmission in error, please immediately notify LabOne at the following email address: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
