On 06/09/16 23:57, Yasuo Ohgaki wrote: > It may differ from your software security model. Programmers are free > to choose which model to adopt. However, one shouldn't disturb > mandatory tool implementation for recommended security model by secure > coding specialists, IMHO. If you don't like/need it, it's free not to using > it after all.
My security model is no different to yours. But in my model 'Add validation functions to filter module' is adding another layer of checks and I think I'm simply adding them in a different place. I return to the original question which has not yet been answered. The block of input data being supplied from what ever source needs to be converted to a set of variables in PHP. That could be variables in a class, an associative array as in $_POST or simple variables which are probably ancient history now. If the definition of a variable is improved to include ALL of the validation we ideally need and I include setStrict(int) in that then at run time we can both validate input and decide on the error model that is applied. I think DbC is a wrapper at the development level as you describe it and we are back at the 'annotation' debate. What I'm still looking for is primary annotation such as 'strict' if appropriate although I would look at that as 'between 0 and 200' rather than expecting a clean binary integer to be supplied via some interface. I can use the annotation information to build the browser side validation, and know that I'm working with the same set of rules, and I would also include escaping rules so that the general string data can manage if material of a suspect nature is being processed. Such as WRITING the script files that are needed to output the elements that a blanket htmlentities() filter would block! If one is building template and javascript packages of code in the database then you need to filter the malicious stuff before saving them and ensure the stored data is clean. I could envisage loosening the validation checks on a secure private network where malicious activity would be a firing offence, but the sort of layer of security I'm looking at should not introduce any more delay than the normal. The way it falls down is if people can't be bothered to set the validation values up ... or create your filter array. Default rules such as your crude filters are a point for discussion. -- Lester Caine - G8HFL ----------------------------- Contact - http://lsces.co.uk/wiki/?page=contact L.S.Caine Electronic Services - http://lsces.co.uk EnquirySolve - http://enquirysolve.com/ Model Engineers Digital Workshop - http://medw.co.uk Rainbow Digital Media - http://rainbowdigitalmedia.co.uk -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
