Hi Steve
Your security issues sounds very reasonable for me.
I've never thought of this, as I've used the URL option rarely in practice and only for LAN access where security was irrelevant.
Another reason is, that I've no experience with this stuff.
Do you think, it could be a blocker?
What is the best solution in the case, there is nobody who is more
familiar with this stuff and implements the security issues now?
a) Contribute as is and document this issue in the task documentation
until it's hopefully implemented later or
b) Change the task, so that it does not accept non-file URLs (should be no big deal) or accepts only the original Path type instead of the
extended one.
Regards, Rainer
I think for a build process you are taking your own risks. The danger is that if people do bind to remote URLs for stuff, they create a new back door. We should document that :)
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
