|
|
|
|
|
|
by mhurron
4710 days ago
|
|
|
> However, perhaps we can expect a user who can gem install something to have an acceptable level of awareness of the security implications of such a tool? No, we can not. From both personal experience (developers can be dumb as bricks and know nothing outside their specific knowledge domain) and good security practices (you don't trust the user, even if they say they're good for it). And yes I hope it was just sarcasm I missed, but that's why I had to ask. |
|
|