As often davorg is right, common spots to examine when talking about security are:
- Possible denial of service
- Access control
How to restrict/setup rights to access/modify/delete data or resources.
- Authentication
Especially ways to bypass it or impersonate someone.
- Data integrity
Protect your data against corruption, deletion...
I'm not only talking about physical integrity but also about logical one (to prevent injection of fake data or the creation of an incoherent state in your data)

"Only Bad Coders Code Badly In Perl" (OBC2BIP)