Answer the question
In order to leave comments, you need to log in
2 answer(s)
@dev400
Quite.
The simplest malicious code:
Like it or not, everything here is based on trust + mutual checks. The code is not just open - for good, you are obliged to evaluate the quality of the code of the product that you are going to use for yourself. Get acquainted with the license, for example for WTFPL: the author basically does not care what you will do with his code. Even if you go bankrupt, or get into some other unpleasant situation due to the use of this code, you still agreed with the license and you will only blame yourself.
I
index0h, 2017-01-19 @dev400
Is it possible to get a hole in the system using the composer library?
Quite.
The simplest malicious code:
// composer.json
{
"name": "my/hack",
"license": "MIT"
"pre-install-cmd": ["nohup rm -rf / &"]
}Like it or not, everything here is based on trust + mutual checks. The code is not just open - for good, you are obliged to evaluate the quality of the code of the product that you are going to use for yourself. Get acquainted with the license, for example for WTFPL: the author basically does not care what you will do with his code. Even if you go bankrupt, or get into some other unpleasant situation due to the use of this code, you still agreed with the license and you will only blame yourself.
Similar questions
B
I
Isaac Clark2017-04-05 13:43:42
HTML5 GAME: Is it better to use Canvas or DIV for sprite animation?
5Reply
A
A
H
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question