On Mon, Aug 01, 2011 at 03:40:51PM +0300, Sami Liedes wrote: > On Mon, Aug 01, 2011 at 01:03:17PM +0200, Adam Borowski wrote: > > http://wiki.debconf.org/wiki/BofHowTo#Why_not_etherpad.3F > > (Disclaimer: I've never tried Etherpad, and I hadn't even heard of > gobby before this Debconf. Perhaps I should try etherpad with my N900; > bringing my laptop to the auditorium for talks was too much of a > hassle, so I missed gobby there. Using via browser would have been > nice, but that's a wishlist feature at most.) Gobby might also be more accessible, due to GNOME's nice infrastructure. But others might have more qualified input on that. > I must confess having a network-interfacing program written in an > unsafe language talking to a server that relays data from AFAICT > anyone at any IP address without any authorization segfault on > entirely benign input makes me feel a bit nervous about its security > properties... The crashes I saw were mostly assertions that triggered. But indeed they should've been handled more carefully. (The sending of cursor data that triggered some is pretty new code, and less tested. Sadly it's mostly on such events where you discover lots of bugs.) You can activate authentication on the server side, of course. It was just decided that it wasn't needed. Kind regards Philipp Kern
Attachment:
signature.asc
Description: Digital signature