2

I'm just about to rewrite my personal site as a learn-as-you-go project and am thinking of open-sourcing the code (see this question).

Are there any examples of large-ish web sites (not desktop applications) which have made their code open-source? Or is this generally thought of as a bad idea because it would be easier for a malicious hacker to find any security holes in the code?

Community
  • 1
  • 1
Mark Bell
  • 28,985
  • 26
  • 118
  • 145

1 Answers1

3

WordPress is the best example, I can think of in your case.

And, the security implications come from the loopholes, you might leave by mistake or in coding process. But, then when you are open-sourcing the project, a lot of people may contribute and help you resolve those issues, which is how WordPress also works. They have a bug-tracker setup for them for this purpose.

Stoic
  • 10,536
  • 6
  • 41
  • 60
  • I can see how this would be beneficial if you have a lot of contributors (like Wordpress), as things are likely to get fixed pretty fast and hence if someone does decide to exploit a hole it will be noticed quickly. However, do you think this applies for a small project where I'm likely to be the only contributor? – Mark Bell Dec 08 '10 at 10:02
  • Yeah. I agree, it will be really tough getting contributors initially. But, I would favor Open Source over anything else. The slow benefit being people will occasionally use up your code, check it for correctness, and in fair chances mail you with the issues :) I have done it and received these responses. However, the real power comes from when you get a real contributor - this is when you two get involved and make up something a lot better, which will not happen if its proprietary code. – Stoic Dec 08 '10 at 10:12