308
edits
Security:Scattered Security Checks: Difference between revisions
Jump to navigation
Jump to search
Security:Scattered Security Checks (view source)
Revision as of 21:54, 12 September 2006
, 12 September 2006→Conceptual description
No edit summary |
|||
| Line 4: | Line 4: | ||
= Conceptual description = | = Conceptual description = | ||
In this model, security checks are performed as needed in the code flow. For example, before setting some internal member of a class, we could check whether the caller is allowed to set it. This model requires keeping track, throughout our code, of who "the caller" is. This is more or less the current model, except we pretty much completely screw it up. | |||
= Pros and cons = | = Pros and cons = | ||
= Implementation notes = | = Implementation notes = | ||