PoissonPilote writes "I'm currently developing a multi-player, browser-based game, using the good old HTML, JavaScript, PHP amp; MySQL combination. Progress is good so far, and the number of players is slowly but steadily increasing. At the beginning of the project, I decided to put the entirety of my game under the MIT license, so that anyone could study the code or even start their own server for the game. However, with the increasing popularity of my project, I am starting to worry about security issues. Even though I consider myself decent at web development and am pretty sure I'm not making any classic mistakes (SQL injection, cross-site scripting, URL forgery, etc.), I am no web security expert. I didn't find any relevant examples to compare my game to, as most open source games are written in a compiled language, and no web server is at stake in those cases. Some web developer friends told me not to release the source code at all; others told me to release it only when the game will be shut down. Naturally, I'm not satisfied by either of these solutions. What approach would you recommend?"pa href="http://www.facebook.com/sharer.php?u=http%3A%2F%2Fask.slashdot.org%2Fstory %2F10%2F06%2F27%2F166200%2FSecurity-For-Open-Source-Web-Projects" target="_blank" title="Share on Facebook"img src="http://a.fsdn.com/sd/facebook_icon_large.png"/a a href="http://twitter.com/home?status=Security+For+Open+Source+Web+Projects% 3F%3A+http%3A%2F%2Fbit.ly%2FbwrUOo" target="_blank" title="Share on Twitter"img src="http://a.fsdn.com/sd/twitter_icon_large.png"/a/ppa href="http://ask.slashdot.org/story/10/06/27/166200/Security-For-Open-Source-Web-Projects?from=rss"Read more of this story/a at Slashdot./p pa href="http://feedads.g.doubleclick.net/~at/3AlEA04K7dAwFG9THlFady2mWwc/0/da"img src="http://feedads.g.doubleclick.net/~at/3AlEA04K7dAwFG9THlFady2mWwc/0/di" border="0" ismap="true"/img/abr/ a href="http://feedads.g.doubleclick.net/~at/3AlEA04K7dAwFG9THlFady2mWwc/1/da"img src="http://feedads.g.doubleclick.net/~at/3AlEA04K7dAwFG9THlFady2mWwc/1/di" border="0" ismap="true"/img/a/pimg src="http://feeds.feedburner.com/~r/Slashdot/slashdotDevelopers/~4/fw1ssCLwCt0" height="1" width="1"/
More...