CDR: Re: Bad Coding Practices
Jim Choate
ravage at ssz.com
Thu Sep 28 19:06:03 PDT 2000
On Thu, 28 Sep 2000, Steve Furlong wrote:
> Also, I should note that an ISO-900x shop will have procedures that
> should be followed for all aspects of development. The procedures aren't
> a cure-all, but they do make surreptitious bad behavior much less
> likely. Alas, not many software shops have ISO-900x certification.
The trick would be to subvert the code management system and the build
shop. That would generaly require higher access than the programmers
have. Not that it couldn't be hacked, but you'd have a lot of logs (and if
they're using a journaling filesystem that adds yet another layer) to
wipe. That means time. Such a hack would take a planned extended effort.
It generaly wouldn't be spur of the moment.
Then again, code reviews on future releases of that code base and the
patch shop roaming around would provide post facto mechanisms for finding
such kludges.
____________________________________________________________________
He is able who thinks he is able.
Buddha
The Armadillo Group ,::////;::-. James Choate
Austin, Tx /:'///// ``::>/|/ ravage at ssz.com
www.ssz.com .', |||| `/( e\ 512-451-7087
-====~~mm-'`-```-mm --'-
--------------------------------------------------------------------
More information about the cypherpunks-legacy
mailing list