Re: moosic package contains obfuscated code
Scripsit Nicolas =?iso-8859-15?Q?=C9vrard?= <nicoe@altern.org>
> So I was wondering, since this is problem is only with the binary
> package should I file a bug against moosic stating that obfuscating is
> an error or does it seems an acceptable policy to your eyes ?
If the source package contains unobfuscate source for everything, then
there is no DFSG problem. It is not worse than compiling to machine
code.
As far as I can see from a quick look at the source package, this
appears to be the case. (By the way, the comments in the Makefile
indicate that the upstream author is apparently more concerned about
saving space in the binary packages than about obfuscation).
There's a base64 encoded blob at the end of moosic_dispatcher.py, but
it appears just to be an ASCII-art easter egg. If there are processing
instructions steganographically encoded in it, we have problems, but
is there any reason to assume that? The base64 encoded string is
certainly not the preferred form for modifying the ASCII art, but it
is easy to (losslessly) decode it into a form that is preferred for
changes.
--
Henning Makholm "Monsieur, vous êtes fou."
Reply to: