[nycphp-talk] security? we don't need no stinkin security!
Chris Shiflett
shiflett at php.net
Fri Dec 5 12:43:24 EST 2003
--- David Mintz <dmintz at davidmintz.org> wrote:
> Suppose -- just hypothetically -- I write a shell script that greps
> the ps output for a user-specified string. I could say, here's my
> shell script and you're welcome to use it, but it depends on ps and
> grep being installed on your system. Is it not a good shell script?
I think it's a fine shell script, but it might not be such a good module,
if that makes sense. If someone comes along and decides that they want the
functionality of ps, grep, and something else, they should use grep and ps
separately rather than your script.
I'm not saying I'm dead set on this approach, but I understand the
argument. On the other side, such abstraction can potentially be a good
thing. I think it really depends on the situation and your personal
preference.
Chris
=====
Chris Shiflett - http://shiflett.org/
PHP Security Handbook
Coming mid-2004
HTTP Developer's Handbook
http://httphandbook.org/
More information about the talk
mailing list