-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Daniel Quinlan writes: > John Gardiner Myers <[EMAIL PROTECTED]> writes: > > > I think one weakness in the design of eval tests in general is that > > their definition is split into two different places, a function > > definition in some .pm file and a function call in some .cf file. The > > .cf file isn't very amenable to multiple-line chunks of perl code, so > > perhaps it would be good if the .pm files directly defined the tests. > > You're getting closer to the issue, I think. > > Converting sections of tests into plugins where some people will want to > disable the entire set due to performance, memory, or similar > constraints (i.e., Bayes tests, network tests, special functionality, > etc.) does make sense. However, converting individual (or nearly > individual) tests that are "always on" (unless the rule gets a zero > score) into plugins never has made as much sense to me. > > What if we allowed .cf files to include the eval test Perl code?? It's > a bit more radical, but it *would* be cleaner and both adding new ones > and removing old ones would be rather straightforward. Imagine, for > example, the HTML-ish eval tests (some of which have been fairly stable) > being located at the top of the 20_html_tests.cf file. > > This would give everyone, especially rule writers, a lot more > flexibility. Of course, users wouldn't be able to define them. The .cf > files already are code, this is just multiple-line code. Actually, there's a *little* difference between .cf and .pm, security-wise; we still make an effort to block code-execution from .cf files, whereas .pm files are free to run whatever perl code they want. I'd prefer to keep .pm code out of the .cf's, for this reason. However a convention of matching .pm/.cf pairs: .../rules.../20_rules.cf .../rules.../20_rules.pm is a good middle ground in my opinion. - --j. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Exmh CVS iD8DBQFDuxFwMJF5cimLx9ARAigQAJ9IhpI1jVNfykbaCsxyaDtf8W+wjQCbBwGe mMP8dr9IY9dimmOl80ZkY04= =0kdc -----END PGP SIGNATURE-----