Back story: My best friend is a self-taught coder for a community art site, writ

Question

Back story:

My best friend is a self-taught coder for a community art site, written in PHP. Some time ago he mentioned he wanted to make the source code of the site public, to which my response was total horror - surely it was going to be full of security holes waiting to be found, and it was going to lead to hacking and errors on a huge scale. He never ended up doing it.

Current story:

I'm starting development of a community website built in Rails, and for ease of use I was going to use Github for version control. Then I realized it was pretty much exactly the same thing as my friend making his source code public - which made me stop and think.

Would you make your website's completely-custom source code public? Or is this a case of open source gone too far?

(note: I don't think this applies to people who run things like Wordpress. Or does it?)

Explanation / Answer

It's fine!

If you're planning to dump out your database that contains private information about anything, I urge you to think again. In terms of security, if it's obvious that you haven't sanitised your user input, well... I guess you'll learn that lesson one way or another. Apart from the obvious security loopholes (which you should be avoiding anyway), think about how much time it'd take for you to browse the code of another web site and look for potential exploits. (Ages.)

Regarding intellectual property and all the genius ideas that you'll come up: there are probably people out there that are smarter than you, so nothing of yours is going to stolen.

Related Questions

Navigate

• Browse (All)
• Browse B
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.