[Owasp-testing] Contributing to the Code review Guide - Please Read. 80)

Eoin eoinkeary at gmail.com
Thu Jan 18 10:04:34 EST 2007


Hi,
Someone has be putting "helpful" comments in some sections of the Code
review guide, such as:
http://www.owasp.org/index.php/Native_Methods

"The moment you start writing native methods you leave the Java security
manager and memory protection faculties. Don't do it."

Firstly this is not helpful to anyone involved in code review.
Secondly if we are performing a code review on a native method code block
this advice is too late and useless.
Thirdly, sometimes native methods need to be used for legacy reasons.

The guide is to show what to look for in code review, This helpful advice is
firstly aimed at the developer and hence no good for a code reviewer.

thanks,
Eoin



-- 
Eoin Keary OWASP - Ireland
http://www.owasp.org/local/ireland.html
http://www.owasp.org/index.php/OWASP_Testing_Project
http://www.owasp.org/index.php/OWASP_Code_Review_Project
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.owasp.org/pipermail/owasp-testing/attachments/20070118/8bff551c/attachment.html 


More information about the Owasp-testing mailing list