Prev: Callback simulink parameters to edit text box in GUI
Next: Where is urlConnection.setReadTimeout?
From: Tommy on 21 Mar 2010 03:14
Doug Schwarz <see(a)sig.for.address.edu> wrote in message <see-CFD74C.16101920122009(a)news.frontiernet.net>...
> In article <hglhd7$e6g$1(a)fred.mathworks.com>,
> "Jan Simon" <matlab.THIS_YEAR(a)nMINUSsimon.de> wrote:
>
> > Dear Doug!
> >
> > > I hope you realize that TMW does not want
> > > to be held liable in case someone were to upload a malicious MEX
> > > function (with false source code, perhaps). I think the ban on MEX and
> > > p-code is completely justified.
> >
> > Thanks Doug! I do not dissent. Is this your opinion or do you cite TMW?
>
> Hi Jan,
>
> I don't think I have ever read any specific reason from TMW, but it's
> the most likely reason (in my opinion).
>
>
> > If TMW could be held reliable for uploaded MEX files, couldn't they be held
> > reliable for uploaded links to malicious MEX also?!
> > What about malicious M-functions or obfuscated C-source with unpredictable
> > results? The BSD license claims, that the downloaders run all functions on
> > their own risk. Isn't this a suffcient protection for TMW?
http://www.wikio.com/article/bad-credit-payday-loans-176415445
> I don't know as I am not a lawyer, but since almost the whole Internet
> is linked in some way I think it would be difficult to hold TMW liable
> for code that was found on another web site. I'm thinking that the link
> on mathworks.com would be to a page which contained download links to
> binaries, not direct links to binaries. That way it would be clear to
> users that they had left mathworks.com.
>
> Of course, it is possible to have a malicious m-file, but as long as you
> can examine that code you can figure out where to place the blame in
> case something undesirable happens.
>
> It might be that the BSD license protects TMW. In spite of that
> protection, I would guess that TMW simply wants to enable code sharing
> while minimizing (but not eliminating) the possibility of distributing
> malware. Again, this is just my interpretation of what I have read here.
>
>
> > I realize that publishing compiled MEX might interfere with some wants of
> > TMW. I have no doubt that TMW has good reasons. But I cannot find clear
> > statements -- except for "Compiled files must be accompanied by their
> > source.", which is the opposite of what they accept in reality.
>
> This whole file sharing concept goes way back to when TMW maintained an
> anonymous ftp site and the thought of malware was more remote and
> anything was acceptable. Gradually, we have been brought into the
> modern age and we are all less naïve about malware so it's not
> surprising that you can find mixed policy statements. The only people
> who must know the policy are the MathWorkers who decide whether a
> submission is accepted since they have final say on the matter. For the
> rest of us it's merely a courtesy to inform us of the policy so we don't
> waste our time. I tend to apply common sense -- no binaries and no
> competing products make sense to me.
>
> Mit freundlichen Grüßen,
>
> Doug
>
> --
> Doug Schwarz
> dmschwarz&ieee,org
> Make obvious changes to get real email address.
 | 
Pages: 1
Prev: Callback simulink parameters to edit text box in GUI
Next: Where is urlConnection.setReadTimeout?