Yvan Boily wrote: > Hi George, > > I think a much more eloquent form of what you are saying is that > validation must be performed each time data crosses a security > boundary.
Hello Yvan, I absolutely agree. Wish I'd said it myself . . . :) > > The challenge is in helping people to understand what a security boundary is. Errrmmmmmm. Into understatement these days, eh? :) Thanks for your comments. Best regards, /g _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php
