
Thursday, 12 February 2009

Worst Programming Errors

CWE-20: Improper Input Validation
CWE-116: Improper Encoding or Escaping of Output (bigger than most people think IMHO)
CWE-89: Failure to Preserve SQL Query Structure
CWE-79: Failure to Preserve Web Page Structure
CWE-78: Failure to Preserve OS Command Structure
CWE-319: Cleartext Transmission of Sensitive Information
CWE-352: Cross-Site Request Forgery
CWE-362: Race Condition
CWE-209: Error Message Information Leak
CWE-119: Failure to Constrain Operations within the Bounds of a Memory Buffer
CWE-642: External Control of Critical State Data
CWE-73: External Control of File Name or Path
CWE-426: Untrusted Search Path
CWE-94: Failure to Control Generation of Code
CWE-494: Download of Code Without Integrity Check
CWE-404: Improper Resource Shutdown or Release
CWE-665: Improper Initialization
CWE-682: Incorrect Calculation
CWE-285: Improper Access Control
CWE-327: Use of a Broken or Risky Cryptographic Algorithm
CWE-259: Hard-Coded Password
CWE-732: Insecure Permission Assignment for Critical Resource
CWE-330: Use of Insufficiently Random Values
CWE-250: Execution with Unnecessary Privileges
CWE-602: Client-Side Enforcement of Server-Side Security
Source: SANS Institute

What don't you like about SharePoint?

I sometimes get asked what I think are SharePoint's weaknesses. No software is perfect and I would rather think about conditions under which you should probably think either about another product or an extension of SharePoint.

The 3 main "problems" I see with the current SharePoint are as follows:

1. Accessibility. This makes me rather sad actually because accessibility is not just about getting disabled people to see your site, but about good structured sites. Sadly the HTML produced by SharePoint requires massive effort to make accessible to AA or AAA standards.

2. Graphics. Basic modifications are much better in MOSS than under SPS 2003, but still SharePoint is one of the harder tools to make look the way you want. I used to work with Serena's Collage WCM tool and even now MOSS 2007 publishing features are far inferior.

3. File Plans. SharePoint RM does not support MoReq or TNA FilePlan tree structures. Since almost all existing RM solutions use complex file plans, using MOSS as an RM replacement will be very difficult.