On Thu, Sep 11, 2008 at 12:33 AM, Greg Ewing
<greg.ewing@xxxxxxxxxxxxxxxx> wrote:
On Wednesday 10 September 2008 04:31:10 James Mills wrote:
step 4. "Audit code to be sure it isn't evil".
That's nice in theory, but can you honestly say that you
meticulously examine every line of every piece of code that
you download before running it?
Greg
Has anyone here ever looked over code to make sure it was safe without
being on the team that wrote it or working at this as your job?
Also, if you did, what would you look for? I mean it would be really
easy to leave a little one over or one under bug or fail to check the
input in a way that would let you hack a piece of code and REALLY hard
to find it.