 |
|
 |
|
- Readme First! -
Read and follow the rules, otherwise your posts will be closed |
|
|
|
|
|
There are currently, 418 guest(s) and 0 member(s) that are online.
You are Anonymous user. You can register for free by clicking here |
|
|
|
|
|
|
| | The comments are owned by the poster. We aren't responsible for their content. |
| | | | |
| No Comments Allowed for Anonymous, please register | | | | |
Re: Security problem (Score: 1)
by kipuka on Tuesday, December 23 @ 06:17:55 CET
(User Info | Send a Message) | I agree it would cause a tremendous bottleneck. For open source software, you really cannot stop anyone from releasing theirs anyway. The rigorous testing though would give users a certain comfort level especially if the resulting code had far less bugs. The better testing code undergoes before release the less need to even have a separate group. Many who volunteer to beta test though just put the script on their site and run it for awhile. They don't actively look for hidden breaks and potential security holes.
I don't think the CMS shell can do everything. It would be really hard to code and may end up being inefficient and not able to catch all scenarios. The shell could however offer functions or a class to do validations which people can use in their scripts. If there turns out to be faulty logic, you only need to change it in the one place and it would fix it for all. You cannot force people to use central validation, but it would be very beneficial if everyone did. This won't stop those from producing inefficient or breakable code. For that, you still need human testers or build a pretty comprehensive script analyzer. |
| Parent | | | | | |
|