[Opensim-users] Warning, one month Warning
Marcus Llewellyn
marcus.llewellyn at gmail.com
Thu Mar 4 04:33:49 UTC 2010
Wow.
First off, anyone at all is free to audit OpenSimulator's source for
security. It's very easy to obtain as an archive, via SVN or Git. If you use
a binary package, presumably you trust the person who compiled and
distributed it. If you don't... why on earth were you ever running it at
all?
Second, it isn't as though patches are just thrown into OpenSim willy-nilly.
They are first approved by core developers. Massive changes are likely to be
put into their own branch until the changes introduced can be properly
evaluated and tested, and are unlikely to be accepted readily anyway unless
created by a core dev, or someone with a good reputation.
As for April Fools, I'm looking forward to it. I'll be making a backup,
compiling from master shortly beforehand, and then see what goofiness was
hatched up this year. If anyone in the know knows what's gonna happen, don't
tell me. I would like to be surprised. :)
Marcus
On Wed, Mar 3, 2010 at 6:59 AM, John Mieske <johnmieske at gmail.com> wrote:
> I don't think you understand the relevance of what is going on. IF they can
> put code into it to crash or disrupt your OpenSim software, then what else
> is in the code that we are unaware of ? I see a HUGE security risk here.
> Anyone who has this running at home on their home network, they invited them
> into looking at your network and your computers. I have permanently shut
> down my Grid. I no longer support OpenSim.
>
> And they are correct when they say, This is not commercial software and
> that THEY are not responsible for anything !
>
> John
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://opensimulator.org/pipermail/opensim-users/attachments/20100303/3e5a9176/attachment.html>
More information about the Opensim-users
mailing list