Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Back for a limited time - Get 15% off sitewide on Slashdot Deals with coupon code "BLACKFRIDAY" (some exclusions apply)". ×

Submission + - Security for open source web projects 1

PoissonPilote writes: I'm currently developing a multi-player browser based game, using the good old HTML, Javascript, PHP & MySQL. Progress is good so far, and my number of players is slowly but steadily increasing.
At the beginning of the project, I decided to put the entirety of my game under the MIT licence, so that anyone could study the code or even start their own server for the game.
However, with the increasing popularity of my project, I am starting to worry about security issues. Even though I consider myself decent at web development and am pretty sure I'm not making any classic mistakes (SQL injection, cross-site scripting, URL forgery, etc.) I am no web security expert. I didn't find any relevant examples to compare my game to, as most open source games are written in a compiled language, and no web server is at stake in those cases. Some web developers friends told me not to release the source code at all, others told me to release it only when the game will be shut down- naturally I'm not satisfied by either of these solutions.

What approach does Slashdot recommend ?

At the source of every error which is blamed on the computer you will find at least two human errors, including the error of blaming it on the computer.