Dave, On Apr 11, 2005 9:58 PM, Dave Paris <[EMAIL PROTECTED]> wrote: > The programmer is neither the application architect nor the system > engineer.
In some cases he is. Either way, it doesn't matter. I'm not asking the programmer to re-design the application, I'm asking them to just program the design 'correctly' rather than 'with bugs' (or - security problems). Sometimes they leave 'bugs' because they don't know any better, so sure, train them. [oops, I'm moving off the point again]. All I mean is that they don't need to be the architect or engineer to have their decisions impact the security of the work. > If > security is designed into the system and the programmer fails to code to > the specification, then the programmer is at fault. Security can be design into the system in many ways: maybe the manager was vauge in describing it, etc, etc. I would question you if you suggested to me that you always assume to _NOT_ include 'security' and only _DO_ include security if someone asks. For me, it's the other way round - when receiving a design or whatever. > While there are cases that the programmer is indeed at fault (as can > builders be), it is _far_ more often the case that the security flaw (or > lack of security) was designed into the system by the architect and/or > engineer. So your opinion is that most security flaws are from bad design? That's not my experience at all... What are you classifying under that? > It's also much more likely that the "foreman" (aka > programming manager) told the builder (programmer) to take shortcuts to > meet time and budget - Maybe, but the programmer should not allow 'security' to be one of these short-cuts. It's just as crucial to the finsihed application as implementing that method to calculate the Net Proceedes or something. The manager wouldn't allow you to not do that; what allow them to remove so-called 'Security' (in reality - just common sense of validating inputs, etc.). -- Michael