Practicing Good Habits is always a good idea. Shortcuts are always bad. I understand what you are saying and it is entirely a matter of opinion, but I just don't think it is a good idea to condone or rationalize knowingly marking your code insecure.
BTW It will give you a + for challenging the system. :)
Re: Devil's (BSD) Advocate
Replies are listed 'Best First'.
Valid point, and to clarify...I don't knowingly make my code insecure. I try to practice Good Habits. My point was that I don't spend the extra time and effort to truly bullet proof my code simply due to it's use. Most of my code would only take a few modifications to make bullet proof, the problem is that the modifications in question take a lot of time, both to develop and to test. And since security is almost always a time trade (IE: any encryption can be broken, but will the data be obsolete by the time it is broken?) I usually focus more on stability than security for my situation. Again, for me that is a good trade.
I would also like to reiterate that I DO agree with the original post, and my reply was NOT meant to advocate sloppiness! It was meant as the "time and place for everything" side of this equation.
And yes that means the original post got a ++ from me, because it was well thought out and presented, and more importantly...RIGHT!
"Nothing is sure but death and taxes" I say combine the two and its death to all taxes!