--- fliptop <[EMAIL PROTECTED]> wrote:
> i think there are several things that help contribute to the testiness
> of open source programmers in general:

[snip]

There are other reasons, too.  Just today, I was asked to break a version of a
Web site we were about to publicly release.  It took me 5 minutes to find a
security hole and demonstrate that I could execute any arbitrary SQL against
our database by passing it through the URL (it's easier than one might think
for many sites).  Fortunately, that stopped this code from moving out, but the
programmer who wrote the code explained that hackers would first have to know
the names of the tables they were affecting and thus, things were secure.

After I shut this down, I could tell that the programmer who wrote this thought
I was a jerk, but that's too bad.  This is a major reason why many of us can
get testy.  When people *insist* that their code works when one can clearly see
that it doesn't, we get irritated.  I'm usually nice about it at first.  If
someone insists and I'm in doubt (which happens more than I care to admit),
I'll get a second opinion, but once I *know* that code is bad, if I'm the
gatekeeper, I will shut the programmer down cold if they try and fight me.

Does that make me an *hole?  Perhaps.  I've let sloppy stuff out the door, but
I won't knowingly let dangerous stuff out the door and I'll be mean as heck if
that's what it takes to get my point across.  Check all egos at the door.  That
might be my credit card number on the line.

Cheers,
Curtis Poe

=====
Senior Programmer
Onsite! Technology (http://www.onsitetech.com/)
"Ovid" on http://www.perlmonks.org/
