[vlc-devel] vlc: svn commit r23852 (courmisch)
Rémi Denis-Courmont
rem at videolan.org
Mon Dec 24 18:00:53 CET 2007
Le lundi 24 décembre 2007, Antoine Cellerier a écrit :
> On Mon, Dec 24, 2007, Subversion daemon wrote:
> > r23852 | courmisch | 2007-12-24 16:39:17 +0100 (Mon, 24 Dec 2007) |
> > 2 lines Changed paths:
> > M /trunk/modules/services_discovery/shout.c
> >
> > Not every body trusts "free.fr", especially not through non-secure
> > HTTP, and/or non-FQDN-only hostnames
>
> This is kind of commit is starting to get on my nerves.
Your kind of reckless commits has already been getting on my nerves for
a while.
> We can't sacrifice usability because of would be highly unprobable
> security issues.
The 20th century is over. When people open a media player, they probably
don't want it to overwrite arbitrary files. That YOU and some people
are reckless is YOUR problem. Not everybody's problem. And even then,
one could argue knowingly using insecure software is, well, antisocial
(compare to reckless/drunk driving). I don't even want to think about
publishing knowingly insecure software.
> This service discovery module is only meant to be used by clients of
> Free and isn't even default enabled.
> Now if you don't agree, I don't care.
I don't care if you don't agree. It's not about JUST ME not using the
module. If you cannot realize that writing code used by _MILLIONS_
incurs a certain level of responsibility, that's your problem. If you
do commit it, it's every body's problem.
> Just don't use the module.
Oh, I surely won't. Now what about the millions of users who don't read
vlc-devel?
--
Rémi Denis-Courmont
http://www.remlab.net/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL: <http://mailman.videolan.org/pipermail/vlc-devel/attachments/20071224/74299984/attachment.sig>
More information about the vlc-devel
mailing list