Path: news.mathworks.com!not-for-mail
From: "Jan Simon" <matlab.THIS_YEAR@nMINUSsimon.de>
Newsgroups: comp.soft-sys.matlab
Subject: Re: Official rules for the FEX
Date: Sun, 20 Dec 2009 19:49:03 +0000 (UTC)
Organization: Universit&#228;t Heidelberg
Lines: 41
Message-ID: <hglv3f$r76$1@fred.mathworks.com>
References: <hgihbj$3k$1@fred.mathworks.com> <hgitds$5i8$1@fred.mathworks.com> <see-0EF830.20343919122009@news.frontiernet.net> <hglhd7$e6g$1@fred.mathworks.com> <hglnbu$d7t$1@fred.mathworks.com>
Reply-To: "Jan Simon" <matlab.THIS_YEAR@nMINUSsimon.de>
NNTP-Posting-Host: webapp-02-blr.mathworks.com
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
X-Trace: fred.mathworks.com 1261338543 27878 172.30.248.37 (20 Dec 2009 19:49:03 GMT)
X-Complaints-To: news@mathworks.com
NNTP-Posting-Date: Sun, 20 Dec 2009 19:49:03 +0000 (UTC)
X-Newsreader: MATLAB Central Newsreader 869888
Xref: news.mathworks.com comp.soft-sys.matlab:593994

Dear John!

> As a member of the (essentially defunct) FEX
> team who consistently argued against compiled
> code on the FEX, my reason has always been of
> the risk to downloaders due to malicious code.
> You cannot tell me that there will not be
> someone willing to do this, and therefore,
> someone WILL do it.
> 
> How about including compiled code WITH the
> source? Even here I see a serious risk. There is
> nothing to stop a malicious poster from adding
> something malicious to the compiled version.
> So submit a completely innocuous piece of
> source code, but a nasty compiled version. It
> is the same with p-code. If we cannot see inside,
> then the submitted code is dangerous and not
> acceptable for submission.
> 
> As far as simply submitting a link to external
> compiled code, the FEX should also not accept
> a pure link to compiled code. Of course, one can
> always submit something to the link exchange.
> And if you provide the source code on the FEX,
> plus a link to a compiled version, this is probably
> something they cannot police.
> 
> John

Thanks for this clear answer, John!
The MEX question is solved for me with that.

I do not think, that animated or transparent GIFs have been dangerous ever.
It was the TMWs (your) decision to dare to open a platform for publishing at least potentially dangerous M-functions (!) and this is really and totally helpful! 

I'm happy, that even TWM cannot read in P-coded files.

I'm wondering what "essentially defunct FEX team" means. I'm convinced that the remainding(?) team can encourage somebody from the WWW team to rectify the page for new submissions and the guidelines.

Kind regards, Jan