[ssproject1617.git] / report / reflection.testcms_code.tex
% About the TestCMS code: are there important aspects that could (or should)
% be changed to improve security? Or aspects that could be changed to
% facilitate doing a security review?

We found that the general design of the TestCMS codebase was fairly adequate.
Functionality was neatly grouped into separate modules in the \code{system}
directory. The code was very readable and well commented. This made the security
audit easier to do than we had initially expected.

At the same time, TestCMS did not apply this discipline to its security
critical components. Input sanitization happens all over the place (and in
some cases it does not happen at all). Middleware based design patterns could
make the processing of input and output somewhat less cluttered, since every
request would pass through the same validation and encoding steps instead of
each handler doing (or forgetting) its own.

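As an added illustration of the middleware idea (this is example code written for this report, not TestCMS code; the \code{Request} class, the route and the validation rule are assumptions), the following PHP sketch chains a small number of middlewares around a handler so that input checks and response headers are applied in one place:

```php
<?php
declare(strict_types=1);

// Added example, not part of TestCMS: a minimal middleware chain so that input
// validation and output handling live in one place instead of in every handler.
// Class and function names are assumptions made for this illustration.

final class Request
{
    public function __construct(public array $get, public array $post) {}
}

// Build a single callable from a list of middlewares and a final handler.
// Each middleware has the shape  fn(Request $req, callable $next): string
// and decides whether to call $next (the rest of the chain) at all.
function pipeline(array $middlewares, callable $handler): callable
{
    return array_reduce(
        array_reverse($middlewares),
        fn(callable $next, callable $mw) => fn(Request $req): string => $mw($req, $next),
        $handler
    );
}

// Input side: reject a request whose parameters do not match the expected
// shape before any handler sees it (assumed rule: slugs are short, lowercase,
// alphanumeric with dashes).
function validateInput(Request $req, callable $next): string
{
    $slug = $req->get['slug'] ?? '';
    if (!preg_match('/^[a-z0-9-]{1,64}$/', $slug)) {
        http_response_code(400);
        return 'Bad request';
    }
    return $next($req);
}

// Output side: response headers that every page should carry are set once
// here, so no handler can forget them.
function outputHeaders(Request $req, callable $next): string
{
    $body = $next($req);
    header('Content-Type: text/html; charset=UTF-8');
    header('X-Content-Type-Options: nosniff');
    return $body;
}

// The handler itself only deals with the already validated request; it still
// escapes the values it embeds in HTML.
$app = pipeline(['outputHeaders', 'validateInput'], function (Request $req): string {
    $slug = htmlspecialchars($req->get['slug'], ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return "<h1>Post {$slug}</h1>";
});

echo $app(new Request($_GET, $_POST));
```

Middlewares run in list order on the way in (here: headers wrapper first, then validation) and unwind in reverse on the way out, which is why the header middleware can still decorate a \code{400} response produced by the validation step. The example needs PHP 8.0 or later for constructor property promotion.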
Another thing that struck us about the TestCMS code is that all functionality
was written by the programmer him/herself. Although it may make the application
a bit slower, using a template engine (like Twig\footnote{\url{http://twig.sensiolabs.org/}})
could make the application design clearer and more secure by design. While a
template engine is not necessary, we think that using the new \code{MySQLi} API
in combination with prepared statements is a good change to start with.
This would improve the security by default, as the designers of libraries
like these usually have more security knowledge than the random programmer.
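To make the prepared statement recommendation concrete, here is an added example written for this report (not TestCMS code) that shows the same lookup written by concatenating the parameter into the query text and written with a \code{MySQLi} prepared statement; the table, columns and connection details are assumptions:

```php
<?php
declare(strict_types=1);

// Added example, not part of TestCMS: string-built SQL beside a MySQLi prepared
// statement. The `posts` table, its columns and the credentials are assumed.

// Vulnerable form: the parameter becomes part of the SQL text, so a crafted
// value can change the structure of the query (SQL injection).
function findPostUnsafe(mysqli $db, string $slug): ?array
{
    $sql = "SELECT id, title, body FROM posts WHERE slug = '" . $slug . "'";
    $result = $db->query($sql);
    return $result ? ($result->fetch_assoc() ?: null) : null;
}

// Hardened form: the query text is fixed at prepare time and the value is sent
// separately as a typed parameter, so the server never parses it as SQL.
function findPostSafe(mysqli $db, string $slug): ?array
{
    $stmt = $db->prepare('SELECT id, title, body FROM posts WHERE slug = ?');
    $stmt->bind_param('s', $slug);          // 's' = string parameter
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();
    $stmt->close();
    return $row ?: null;
}

// The same pattern for a write, with several typed parameters
// ('s' string, 'i' integer).
function createPost(mysqli $db, string $slug, string $title, string $body, int $authorId): int
{
    $stmt = $db->prepare(
        'INSERT INTO posts (slug, title, body, author_id) VALUES (?, ?, ?, ?)'
    );
    $stmt->bind_param('sssi', $slug, $title, $body, $authorId);
    $stmt->execute();
    $id = (int) $stmt->insert_id;
    $stmt->close();
    return $id;
}

// Make driver errors throw instead of silently returning false, so a failed
// prepare() cannot be mistaken for "no rows". (Default only from PHP 8.1 on.)
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$db = new mysqli('localhost', 'cms_user', 'cms_password', 'testcms'); // assumed credentials
$db->set_charset('utf8mb4');

$post = findPostSafe($db, $_GET['slug'] ?? '');
```

\code{mysqli\_stmt::get\_result()} requires the \code{mysqlnd} driver; on builds without it, \code{bind\_result()} followed by \code{fetch()} gives the same effect. Note that parameter binding only protects values: table and column names, \code{ORDER BY} targets and \code{LIMIT} clauses cannot be bound and must still come from a fixed whitelist in the code.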