[Rubygems-developers] Reviewing the Tattle Data (was RubyGems plaform thread)
Charles Oliver Nutter
charles.nutter at sun.com
Fri Apr 27 16:57:31 EDT 2007
Eric Hodel wrote:
> If you find tattle is reporting information you don't want public
> after you've published it, you should have checked out what it was
> doing first and not run tattle.
> (While the first release of tattle didn't have the report option, it
> was still simple enough to visit the tattle report page or inspect
> the source to discover what was being reported.)
If you didn't want a security hole in your system you should have read
all the code first.
Sound a little silly?
I still haven't heard how the prefix information is useful, or why it
couldn't just be eliminated/turned off now that a few people have raised
concerns about it. What use is this information? Why keep it?
More information about the Rubygems-developers