问题
I'm just about to rewrite my personal site/blog using ASP.NET 4/MVC. I usually use my private Subversion server for version control, but for this project I'm intending to use Git/GitHub —I've been using Git more and more recently and prefer the way it works. I'd also like to make my code open-source in case anyone else wants to use it to learn from.
My question is this: if I make the source code of my personal site publicly available on GitHub, am I exposing myself to an increased risk of security breaches?
I'm not concerned about intellectual property here, just about security—whatever code I write will be fairly basic anyway.
I realise that a) the open-source community leans very much toward the white-hat and b) my tiny web site is not by any means a worthwhile target.
Having said that, if I'm publishing my code and I make a mistake which results in a security hole (and I'm positive that at some stage I will, nobody's perfect), it only takes one malicious person to exploit it rather than letting me know and I'm screwed, aren't I?.
回答1:
If you open-source it, it has a higher chance of being hacked, but you have a much higher chance of being told about it. If you don't, you may not get told about it if it happens.
来源:https://stackoverflow.com/questions/4385081/should-i-make-the-code-for-my-personal-web-sites-open-source-what-are-the-secur