Ok, I was done with this thread, but want to make this clear, since I started it...
> And unless there's a specific reason not to provide a failover > mechanism, if I were the programmer I'd probably say "thanks for > pointing that out". Yep - but his point wasn't just that these 2 or 3 'shortcuts' existed. His point was that it took him all of a few minutes to find them after examining the code (after much prodding from me - you can read the entire thread on the SPAM-L list if you want) - which led to his very reasonable concern that if these were evident after just skimming the code, what other shortcuts are in there - and if the code is full of shortcuts and not properly commented, how many of these will result in an exploitable security risk. > On the other hand (and in no way negating the validity of the > specific example), ASSP works, and works well. This is what I keep coming back to - and why I continue to use it. > If the program crashed because of this it would be "horribly broken". > It doesn't. It may not be perfect, college programming class A+ > textbook material, but some times in the real world that doesn't > matter as much as getting the job done. Crashing was not his primary concern - exploitable security risks were. The fact that a program does not crash - and even performs well - does not necessarily that its code is well-written or secure. Anyway, I am not a programmer, and will have to defer to those who are more knowledgeable on the technical quality of the code. And, in the end, as you said above - ASSP works, and works well, so unless/until there is reason to stop using it, I will continue to do so. -- Best regards, Charles ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Assp-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-user
