14 points | by samtrack2019 a day ago ago
3 comments
I mean, sure.
But what about allowing user inputs in trusted fields,
Or allowing switching environments per request, on inputs from users
Or allowing requests in a user context to access storage from another
Or storing everything in plaintext on a node that everything can access
Or not validating user inputs
Or...
Its not a success story.
Nothing on auditing other fields? Nothing on how it escaped test coverage? No fuzzing?
I mean, sure.
But what about allowing user inputs in trusted fields,
Or allowing switching environments per request, on inputs from users
Or allowing requests in a user context to access storage from another
Or storing everything in plaintext on a node that everything can access
Or not validating user inputs
Or...
Its not a success story.
Nothing on auditing other fields? Nothing on how it escaped test coverage? No fuzzing?