On 03/06/2012 04:12 PM, Samus CTO (OpenERP) wrote:
> Of course we can use more descriptive vars but I have the habit to simplify
> iterators/indexes (column c, line l, index i, option o, value v), not just
> integers.

I was simply emphasizing that it's always better to be readable than concise.
If you have other habits, now may be a good time to change them ;-)
It literally takes negligible time for you to think and use a readable name
that will be self-explaining for all future readers of the code you write.
Having a one-letter name can sometimes increase readability when it is only
used on its own line (as is the case for a lambda or a list comprehension), but
in all other cases it's just laziness and hurts readability.


> About the security issue I think it's not really the business of our
> application. 

On the contrary, it is an important issue that OpenERP has to consider, because
users trust business critical private data to the system.
An average sysadmin will take obvious measures to protect the data such as not
giving physical access or root access to the server to everybody, but that is
usually not enough. Great applications can help by taking proactive steps to
avoid leaking sensitive data outside of the application's control without the
admin noticing.
I think this is one of them: we can help the admin avoid a not-so-obvious leak.


> Please read the following examples:
> * Many people love to make their configuration file readable by all. But we
> don't check permission of our config files and it's not the role of our
> application

I don't think they "like" to do it. They just keep the default permissions that
the system assigns, period. Why do you think SSH won't accept a config file or
key file that is not strictly chmoded 600?
Actually it's a good point, we should do the same for the OpenERP config file,
which contains the same sensitive information as the environment - its
permissions should be checked.


> * Most programs make user able to enter a password in their command-line to
> allow scripting. The trick, I guess, is to make no user able to read the
> script but to execute it (example ldapsearch
> http://linux.die.net/man/1/ldapsearch)

Perhaps one reason they do it is because they are not meant to be long-running
and don't leave an obvious track in the process list. Or just because they do
not consider their software to be sensitive enough. I think we should be more
cautious and look at the better examples rather than the worse ones ;-)

-- 
https://code.launchpad.net/~openerp-dev/openobject-server/trunk-environment-vars-cto/+merge/94564
Your team OpenERP R&D Team is subscribed to branch 
lp:~openerp-dev/openobject-server/trunk-environment-vars-cto.
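
The SSH-style permission check on the config file that the reply above proposes, sketched in Python as an added example (not code from the merge proposal or from OpenERP). The function names and the exception class are hypothetical; the check assumes a POSIX system.

```python
import os
import stat


class InsecureConfigError(Exception):
    """Raised when a config file could be read or changed by other users."""


def check_config_permissions(fd, path="<config>"):
    """Validate an already-open config file, similar to how SSH treats key files.

    Checking the open descriptor (fstat) rather than the path avoids a race
    where the file is swapped between the check and the read.
    Returns the permission bits on success.
    """
    info = os.fstat(fd)
    if not stat.S_ISREG(info.st_mode):
        raise InsecureConfigError("%s is not a regular file" % path)
    # The owner must be the user running the server, or root.
    if info.st_uid not in (os.geteuid(), 0):
        raise InsecureConfigError(
            "%s is owned by uid %d, not by the server user" % (path, info.st_uid))
    mode = stat.S_IMODE(info.st_mode)
    # Any group/other bit means another local account may read the
    # credentials stored in the file.
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        raise InsecureConfigError(
            "%s has mode %04o; run: chmod 600 %s" % (path, mode, path))
    return mode


def read_config_securely(path):
    """Open, verify, then read the config; refuse it if it is exposed."""
    fd = os.open(path, os.O_RDONLY)
    try:
        check_config_permissions(fd, path)
        with os.fdopen(fd, "r") as handle:
            fd = None  # the file object now owns the descriptor
            return handle.read()
    finally:
        if fd is not None:
            os.close(fd)
```
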
