Question about web applications
Rahul Sundaram
sundaram at fedoraproject.org
Thu Jun 4 10:36:03 UTC 2009
On 06/04/2009 03:53 PM, Paulo Cavalcanti wrote:
> Hi,
>
> I submitted ampache (http://ampache.org/) for review, but I was told
> that it could not use any external software
> bundled in the code. In fact, it uses getid3, a file that seems to come
> from horde (horde/Browser.php),
> and some others.
Submit separate review requests for independent projects bundled within
the source and add them as dependencies once they are approved.
> Does it make any sense to fiddle something that has always had security
> as a prime concern?
Yes, security is precisely one of the concerns with bundling independent
sources together since bug fixes and security vulnerabilities will exist
hidden.
Rahul
More information about the fedora-devel-list
mailing list