[thelist] automatic code updates with PHP
Peter VanDijck
pvandijck at lds.com
Wed Nov 13 10:35:01 CST 2002
> It makes alot of sense, but as I said I am having difficulty wrapping my
> head around this idea that you dont trust them to upgrade, and they
> don't trust you to let you upgrade them. Even Microsoft lets me choose
> when I upgrade my OS or browser etc (in Win 2k). Somebody has to
> compromise (they trust you to write non-malicious code to their DB or
> their filesystem--it doesn't matter which, if you can write malicious
> code to their filesystem you can eval() the same malicious code--or you
> trust them to upgrade).
It is not the same in the perception of the user though - and that's a
very *real* difference although both approaches may be technically
equivalent.
> While your idea seems appealing, I think you may underestimate the trust
> and responsibility associated with this system.
Valid point. I'm gonna think about it.
Peter
More information about the thelist
mailing list