On Fri, Mar 11, 2011 at 5:18 PM, Jeff Hutchins <compl...@gmail.com> wrote: > +1 for this fix. I don't think that security through obscurity is ever > a good choice.
This is only a valid criticism if obscurity is your *only* source of security. However, there's no reason that obscurity can't form one of *many* barriers. A good lock should be able to withstand the publication of all the specifications for how the lock works, but that doesn't mean you have to make an intruder's life easy by going out of your way to actually publish those specifications. Every extra piece of obscurity is one more piece of information that a potential attacker will need to determine before they can commence an attack. Yours, Russ Magee %-) -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-developers@googlegroups.com. To unsubscribe from this group, send email to django-developers+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-developers?hl=en.
