PerlMonks  

Re: Re: Code review on script site

by Jazz (Curate)
on Nov 24, 2001 at 06:39 UTC ( #127214=note )


in reply to Re: Code review on script site
in thread Code review on script site

wog, thanks for the suggestions. A couple of questions/comments, if I may?

Security flaws allowing arbitrary code execution, arbitrary file access, or arbitrary sending of many, many e-mails in a short period of time with no way of tracing origin: either removal from listing until problems are fixed, or marked with "Serious Security Flaw" on the page where it's listed (not just the "detail" page).

This seems related to the tainting point. Should that point be reworded to something like: "Security. Implements valid checks on all user input for potential security breaches or other damage; prohibits arbitrary commands."?

Is portable. Exceptions given where script's function is inherently platform-specific. ( -1 if not portable to both Windows and UNIX, +1 for use of File::Spec instead of hard-coding "/", /\A.{1,2}\z/, etc. )

Hmmm. Submitted scripts (usually) list the platforms that the script has been tested with/developed for. Does anyone second the motion of point loss if it's not cross-platform?

Jasmine


Re: Re: Re: Code review on script site
by wog (Curate) on Nov 24, 2001 at 06:54 UTC
    Security. Implements valid checks on all user input for potential security breaches or other damage; prohibits arbitrary commands.

    I would, minimally, mention something to the effect of not being an easy gateway for spammers. Also, I would advise against saying "prohibits"; try something which expresses that your reviewers cannot find all possible holes in the script, like "does not appear to allow".
