[opensource-dev] Anyone playing with Android and Second Life?
Robin Cornelius
robin.cornelius at gmail.com
Tue Dec 28 08:12:13 PST 2010
On Tue, Dec 28, 2010 at 4:05 PM, Tateru Nino <tateru.nino at gmail.com> wrote:
>>
>> So that avoids 2.e
> I'd be more concerned about capabilities URIs, myself. The login
> credentials are only the front-gate.
>
Thats absolutly true, and it would be trivial to inject a pay packet
or any other packet into the data stream. But its probably far far
easier to place malicious code in a TVP binary. So unless you are
going to download the source to a TPV and diff it against LL code
base, then compile yourself (ensuring all dependencies are also
provided by LL/built by yourself), are you really any more at risk? ,
i'm just being a bit of a devils advocate here, my first comments were
a literal comparison of if they met the TPV rules for listing.
Robin
More information about the opensource-dev
mailing list