List: kde-core-devel
Subject: Re: A more hands on review process
From: "Richard Moore" <richmoore44 () gmail ! com>
Date: 2008-08-01 10:37:59
Message-ID: 5491a5150808010337k302613ecmdbb7eddc41f1159e () mail ! gmail ! com
On 7/31/08, Stephen Kelly <steveire@gmail.com> wrote:
> Security
> * The application / library has no obvious security flaws.
> * Network accessing protocols
> * html entities ('<', '>', "'", '"', '?') are encoded
For HTML you should quote '<', '>', '"' and '&'. The others are not required.
All places where the application launches external programs should be checked.
Any SQL queries processing untrusted data should be checked.
Cheers
Rich.