[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Security concerns with minified javascript code

Paul Wise <pabs@debian.org> writes:
> On Wed, Sep 2, 2015 at 11:47 PM, Russ Allbery wrote:

>> If *no one* has access to anything better than a binary file, then
>> possession of that binary file puts you on an equal footing with
>> everyone else in the world, which I think is all that we can reasonably
>> ask.

> We can of course strongly suggest upstreams not throw away their
> source files and not modify generated files, instead preserving the
> most expressive or information rich formats.

Indeed, and for images this is frequently a problem.  People construct
them using various rich data and then flatten them down to JPEGs or PNGs
and throw away all the other information.

Of course, even if they keep it, it's often Photoshop files, which is only
of marginal utility....  :/

Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to: