Reminder: to master the art of distinguishing between "Reply" and "Reply to all"

Guy

On Thu, 2003-11-13 at 10:46, Gilad Ben-Yossef wrote:

> 
> Now, what would have happened if this was a run of the mill closed source 
> security firm?

Closed source firms rarely use CVS (if ever). Big projects usually rely
on version control mechanisms with integrated version tracking, logging
and authentication mechanisms (user, time, machine, file, branch, etc...
where the file was checked-in). Pure mortal developers do not have the
permissions to perform merges with main branches. ClearCase by Rational
(or should I say IBM?) is a good example of such an application.

You might forget it, but in the proprietary code world one of your worst
fears is industrial espionage and sabotage by your competitors.

> First of all, I seriously doubt that the fact of the change would have 
> been detected at all, but even if it were the sys admin discovering it 
> would "fix the technical problem" and would never ever send it to the R&D 
> (which are another dept. which is hated by the IT team).

A SysAdmin who does not see the benefits in cooperating with the R&D team
should be whipped with GigaEthernet cables.
 
> In short - people breaking in and putting in back door happen in both open 
> and closed source. But only in Open Source there's a real chance that 
> someone would discover it. In closed source land it's always "someone 
> else's problem".

Compromised code is a ticking bomb that can blow up any second and scare
away your customers. OS or closed source world, it doesn't matter.
It can happen anywhere and it all depends on the proficiency and
skillfulness of the ones on the watch.

Guy