Secure Coding mailing list archives
RE: Hypothetical design question
From: "Dave Paris" <dparis () w3works com>
Date: Wed, 28 Jan 2004 16:59:30 +0000
Not to wander from the strict topic or be inflamatory but more often than not it's the marketing department mandating "features". Not too many programmers I know are in the position to just add features during their implementation. (at least in commercial-ware) Heck, most programmers I know have sufficient intellectual agility to realize that a lot of features currently found in common applications are just Really Bad Ideas [tm] from any number of angles, security ranking at or near the top. I do believe most programmers are aware of the consequences. Unfortunately, they're not the ones steering the boat (toward the rocks). Most programmers also have this silly need for food and shelter which tends to conflict with the act of contradicting the feature list to which they're supposed to code. :-) In short, please don't shoot the messenger. Kind Regards, -dsp -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Andreas Saurwein Sent: Tuesday, January 27, 2004 10:21 PM To: [EMAIL PROTECTED] Subject: Re: [SC-L] Hypothetical design question [...] There is always the simple excuse that the OS should do it. So far OS'es are not intelligent enough to protect users from stupid programmers and itself from stupid users. I think its time that we think about how much features we offer to our users and how they affect the environment they are running in. We [programmers] are not aware of the consequences of our implementations. cheers Andreas
Current thread:
- Hypothetical design question Kenneth R. van Wyk (Jan 27)
- Re: Hypothetical design question Paco Hope (Jan 27)
- Re: Hypothetical design question Andreas Saurwein (Jan 28)
- RE: Hypothetical design question Dave Paris (Jan 28)
- RE: Hypothetical design question Andreas Saurwein (Jan 28)
- RE: Hypothetical design question Dave Paris (Jan 28)
- RE: Hypothetical design question Michael S Hines (Jan 28)
- Re: Hypothetical design question Kenneth R. van Wyk (Jan 29)
- Re: Hypothetical design question Andreas Saurwein (Jan 28)
- Re: Hypothetical design question Paco Hope (Jan 27)
- Re: Hypothetical design question Paco Hope (Jan 28)
- Re: Hypothetical design question Dave Aronson (Jan 28)
- Re: Hypothetical design question Andreas Saurwein (Jan 28)
- RE: Hypothetical design question Michael S Hines (Feb 02)