|
|
|
|
|
|
by rietta
4133 days ago
|
|
|
Yeah, I definitely would not do that to a 3rd party system without a specific letter of engagement for penetration test or security review. Now, that being said, it's the first thing I would tell every single developer about as a senior developer and I would insist that test cases be written to verify that no such 'feature' was permitted into the application. |
|
|
Heck, if we're being that careful maybe I should just throw my computers out the window. A Google search result or a forum post could link me to the wrong page and I could get sued.