On Tue, 26 Jun 2001, aleph1at_private spewed into the ether:
> I am defining it as: The principle of inclusion tells us that when
> performing input validation for security purposes we should not
> define what is considered invalid input and refuse any
> input that matches this definition, since our definition of what
> is invalid may not be complete, and that instead we should define what
> is considered valid input and refuse any input that does not match
> this definition.

How about:

[Principle]
The principle of inclusion tells us that when performing input validation
for security purposes, we should first define valid input and refuse any
input that does not match this definition.

[Reason]
This is because the valid input set is smaller and finitely bounded, while
that of invalid input is unbounded, and therefore more difficult to filter
out. This principle is derived from the KISS principle (Keep It Simple,
Stupid).

[Yes, same thing, stated slightly differently, and the words in [] are
comments, and not part of the statement]

Devdas Bhagat
--
Only two of my personalities are schizophrenic, but one of them is paranoid
and the other one is out to get him.
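
The contrast between the two approaches discussed in this message, as an added example that is not part of the original post. The account-name field, the denied-character set and the allowed pattern are assumptions chosen for illustration, and the sample inputs are constructed.

```python
import re

# Hypothetical field: an account name. Both rule sets are assumptions made
# for this example; neither comes from the original post.
DENIED_CHARS = set("<>'\";&|")                  # exclusion: enumerate the bad
ALLOWED = re.compile(r"[a-z][a-z0-9_]{2,15}")   # inclusion: enumerate the good


def deny_known_bad(value: str) -> bool:
    """Exclusion: accept anything that contains no known-bad character."""
    return not any(ch in DENIED_CHARS for ch in value)


def allow_known_good(value: str) -> bool:
    """Inclusion: accept only input that matches the definition in full."""
    # fullmatch, not match() with '$': '$' also matches before a trailing
    # newline, which would let "name\n" through.
    return isinstance(value, str) and ALLOWED.fullmatch(value) is not None


# Constructed sample inputs.
SAMPLES = [
    "alice_01",      # ordinary valid name
    "bob<b>",        # contains a character the exclusion list anticipated
    "carol\n",       # trailing newline
    "dave\x00",      # embedded NUL
    "../erin",       # path-like input
    "frank\u0660",   # non-ASCII digit (Arabic-Indic zero)
    "",              # empty string
    "g" * 500,       # oversized input
]


def compare(samples):
    """Return (value, exclusion_accepts, inclusion_accepts) per sample."""
    return [(s, deny_known_bad(s), allow_known_good(s)) for s in samples]


def gaps(samples):
    """Inputs the exclusion filter accepts but the inclusion filter refuses."""
    return [s for s, by_deny, by_allow in compare(samples)
            if by_deny and not by_allow]


if __name__ == "__main__":
    for value, by_deny, by_allow in compare(SAMPLES):
        print(f"{value[:20]!r:28} exclusion={'accept' if by_deny else 'refuse'}"
              f"  inclusion={'accept' if by_allow else 'refuse'}")
```

Every entry returned by `gaps()` is a case the exclusion list did not anticipate; closing each one means growing that list again, while the inclusion pattern stays unchanged.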
This archive was generated by hypermail 2b30 : Thu Jun 28 2001 - 09:11:14 PDT