Question about web applications
Rahul Sundaram
sundaram at fedoraproject.org
Thu Jun 4 10:36:03 UTC 2009
On 06/04/2009 03:53 PM, Paulo Cavalcanti wrote:
> Hi,
>
> I submitted ampache (http://ampache.org/) for review, but I was told
> that it could not use any external software
> bundled in the code. In fact, it uses getid3, a file that seems to come
> from horde (horde/Browser.php),
> and some others.
Submit separate review requests for independent projects bundled within
the source and add them as dependencies once they are approved.
> Does it make any sense to fiddle something that has always had security
> as a prime concern?
Yes, security is precisely one of the concerns with bundling independent
sources together since bug fixes and security vulnerabilities will exist
hidden.
Rahul
More information about the devel
mailing list