On 7/11/09, James Gray <james / grayproductions.net> wrote:
> So, if you steal my password to David's service, you can do what
> exactly? Log into David's service that you were obviously already
> logged into?  I guess you could run Ruby 1.0 as me instead of you.
> Are we worried about that?

I could launch my spam relay (or whatever malware) from your account,
that way when the spam cops come knocking you get the blame and I
still have the chance to steal someone else's password.

> As for "screwing up" the service, well, I'm not too sure what that
> means. Make old Ruby interpreters not run correctly?  I guess I assume

What if I were to switch the 186 and 187 versions of the interpreter?
That's subtle enough that it might not get noticed for a while. But it
sure could cause confusion. Maybe not a huge issue, but it would sure
be annoying.