Hi, As you said yourself -- it's all about trust. If this person knows nothing of programming, then (s)he is obviously at the mercy of the programmers, which is why we have warranties in commerical software, reputuations to uphold in the open source arena and malware elsewhere. ;-) Sure, there will always be people that will abuse your trust and we should all do whatever we can to avoid such people, but realistically the only people writing open-source software of any notability will usually be fairly trustworthy people, even if only out of necessity as their reputation is on the line.
Failing that, there's no reason one could not pay an independent third-party code auditor to inspect the code. Such auditors will usually guarantee the safety of products they've investigated, but this comes at a cost. Hope this helps. On 11 Dec 2006 20:16:31 -0800, placid <[EMAIL PROTECTED]> wrote:
Hi all, I was going to write this script for a friend that notifies him via logging onto his Gmail account and sending him an email to his work email about some events occurring in the execution of the script. If you enter your password into a script as input how can someone trust the programmer that he will not send a email to himself containing his password? Assuming this person does not know anything about programming and this person knows nothing about programming ethics. This is coming from the fact that i need to notify the user in someway that does not require her to constantly watch the execution of the script, for example when a user signs in to Windows Live Messenger pop up. Cheers 1. http://libgmail.sourceforge.net/ This is the library i use to access a Gmail account via Python -- http://mail.python.org/mailman/listinfo/python-list
-- http://mail.python.org/mailman/listinfo/python-list