我应该使code为我的个人网站开源?哪些安全隐患? [英] Should I make the code for my personal web sites open-source? What are the security implications?
问题描述
我正要改写使用ASP.NET 4 / MVC我的个人网站/博客。我通常使用我的私人Subversion服务器进行版本控制,但对于这个项目我打算使用的Git / GitHub的-I've被使用Git最近越来越多和preFER它的工作方式。我也想使我的code开源的情况下,任何人想用它来学习。
I'm just about to rewrite my personal site/blog using ASP.NET 4/MVC. I usually use my private Subversion server for version control, but for this project I'm intending to use Git/GitHub —I've been using Git more and more recently and prefer the way it works. I'd also like to make my code open-source in case anyone else wants to use it to learn from.
我的问题是:如果我做我的个人网站的源$ C $ C可公开获得的GitHub上,我会自己暴露安全漏洞的风险增加
我不关注知识产权这里,刚想安全无论code我写的会是相当基本的反正。
I'm not concerned about intellectual property here, just about security—whatever code I write will be fairly basic anyway.
我意识到,一个)的开源社区向白帽子凑到非常多和b)我的小网站是不以任何方式一个有价值的目标。
I realise that a) the open-source community leans very much toward the white-hat and b) my tiny web site is not by any means a worthwhile target.
话说回来,如果我发表我的code和我犯了一个错误导致一个安全漏洞(我确信在某个阶段我会的,没有人是完美的),只需要一个恶意人利用它,而不是让我知道,我完蛋了,不是吗?
Having said that, if I'm publishing my code and I make a mistake which results in a security hole (and I'm positive that at some stage I will, nobody's perfect), it only takes one malicious person to exploit it rather than letting me know and I'm screwed, aren't I?.
推荐答案
如果您开源,它有被黑客攻击的机会较高,但你必须被告知关于它的可能性要高得多。如果不这样做,你可能不会被告知它,如果它发生。
If you open-source it, it has a higher chance of being hacked, but you have a much higher chance of being told about it. If you don't, you may not get told about it if it happens.
这篇关于我应该使code为我的个人网站开源?哪些安全隐患?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
