[TYPO3-dev] Services architecture
Dmitry Dulepov
dmitry.dulepov at gmail.com
Thu Mar 24 16:32:10 CET 2011
Hi!
Michael wrote:
> This sounds a little bit like "security by obscurity" to me, to be
> honest. Or in other words: "as long as the average programmer does not
> find out, the concept is secure!".
>
> Maybe I missed something in your conversion or I do not dig deep enough
> into the TYPO3 core code... but I am sure, that we all agree that
> "security by obscurity" is not really a good concept :-)
I never relied on this concept :) I only said that it will be harder for
the average programmer to create a service that reuses rsaauth than for
people, who know the core. Just that, no any other meaning, no assumptions
or hidden thoughts.
--
Dmitry Dulepov
TYPO3 core&security team member
E-mail: dmitry.dulepov at typo3.org
Web: http://dmitry-dulepov.com/
More information about the TYPO3-dev
mailing list