-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Daniel Quinlan writes:
> John Gardiner Myers <[EMAIL PROTECTED]> writes:
>
> > I think one weakness in the design of eval tests in general is that
> > their definition is split into two different places, a function
> > definition in some .pm file and a function call in some .cf file. The
> > .cf file isn't very amenable to multiple-line chunks of perl code, so
> > perhaps it would be good if the .pm files directly defined the tests.
>
> You're getting closer to the issue, I think.
>
> Converting sections of tests into plugins where some people will want to
> disable the entire set due to performance, memory, or similar
> constraints (i.e., Bayes tests, network tests, special functionality,
> etc.) does make sense. However, converting individual (or nearly
> individual) tests that are "always on" (unless the rule gets a zero
> score) into plugins never has made as much sense to me.
>
> What if we allowed .cf files to include the eval test Perl code?? It's
> a bit more radical, but it *would* be cleaner and both adding new ones
> and removing old ones would be rather straightforward. Imagine, for
> example, the HTML-ish eval tests (some of which have been fairly stable)
> being located at the top of the 20_html_tests.cf file.
>
> This would give everyone, especially rule writers, a lot more
> flexibility. Of course, users wouldn't be able to define them. The .cf
> files already are code, this is just multiple-line code.
Actually, there's a *little* difference between .cf and .pm,
security-wise; we still make an effort to block code-execution from .cf
files, whereas .pm files are free to run whatever perl code they want.
I'd prefer to keep .pm code out of the .cf's, for this reason. However a
convention of matching .pm/.cf pairs:
.../rules.../20_rules.cf
.../rules.../20_rules.pm
is a good middle ground in my opinion.
- --j.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Exmh CVS
iD8DBQFDuxFwMJF5cimLx9ARAigQAJ9IhpI1jVNfykbaCsxyaDtf8W+wjQCbBwGe
mMP8dr9IY9dimmOl80ZkY04=
=0kdc
-----END PGP SIGNATURE-----
