A&S and Trinity College, Duke U.
A&S CGI Programming Guidelines

CGI scripts can present security holes in two ways:

  • They may intentionally or unintentionally leak information about the host system that will help nefarious hackers break in.

  • Scripts that process remote user input, such as the contents of a form or a "searchable index" command, may be vulnerable to attacks in which the remote user tricks CGI processes into executing commands.
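Both holes above, in code. This is an added example (not from the A&S page, which names no language); it assumes a Python CGI handler and a `grep` binary on the server. The unsafe function shows the "searchable index" pattern the second bullet warns about: the remote keyword is spliced into a shell string (it is only built here, never run). The safe function runs the search with an argument list instead of a shell, allow-lists the keyword first, and returns a fixed message rather than the program's own error text, which would otherwise reveal server paths (the first bullet). The index file is constructed sample data.

```python
import re
import subprocess
import tempfile

# Constructed sample "searchable index" standing in for a site's index file.
SAMPLE_INDEX = (
    "alpha: introduction to CGI\n"
    "beta: form handling\n"
    "gamma: error handling\n"
)


def write_sample_index():
    """Write the constructed index to a temp file and return its path."""
    handle = tempfile.NamedTemporaryFile("w", suffix=".txt", delete=False)
    handle.write(SAMPLE_INDEX)
    handle.close()
    return handle.name


def unsafe_search_command(keyword):
    """The pattern the second bullet warns about: the remote user's keyword is
    spliced into a shell command string. Only the string is built here so it
    can be inspected; every shell metacharacter in `keyword` survives intact."""
    return "grep " + keyword + " index.txt"


# Allow-list for search terms: letters, digits, underscore, hyphen, 1-40 chars.
SAFE_KEYWORD = re.compile(r"[A-Za-z0-9_-]{1,40}")


def safe_search(keyword, index_path):
    """Search the index for `keyword` without going through a shell and
    without echoing server details back to the client.

    Returns a dict: ok (bool), error (client-safe str), matches (list of lines).
    """
    # Reject anything outside the allow-list before it reaches a process.
    if not SAFE_KEYWORD.fullmatch(keyword):
        return {"ok": False, "error": "Invalid search term.", "matches": []}
    try:
        # argv list, no shell=True: the keyword is one argument and is never
        # parsed for ; | & $ etc. "--" stops grep reading a leading '-' as an option.
        result = subprocess.run(
            ["grep", "-i", "--", keyword, index_path],
            capture_output=True, text=True, timeout=5,
        )
    except (OSError, subprocess.TimeoutExpired):
        # First bullet: do not leak paths, versions or tracebacks to the client.
        return {"ok": False, "error": "Search failed.", "matches": []}
    # grep exit status: 0 = matches, 1 = no matches, 2+ = error. On error grep's
    # stderr names the server-side path, so it is deliberately not returned.
    if result.returncode > 1:
        return {"ok": False, "error": "Search failed.", "matches": []}
    return {"ok": True, "error": "", "matches": result.stdout.splitlines()}


if __name__ == "__main__":
    path = write_sample_index()
    print(safe_search("alpha", path))
    print(safe_search("alpha; ls", path))
    print(unsafe_search_command("alpha; ls"))
```

The allow-list is deliberately strict; widening it (for example to allow spaces) is safe only because the argument-list form never hands the keyword to a shell, but the regex is still the first line of defence and should stay as narrow as the application permits.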

Review Process

Reviewing a script by a walk-through or an inspection is a beneficial part of programming, and it is necessary in order to run scripts on an Arts & Sciences Web server. Peer review is generally more effective at catching bugs than testing, and it helps to have a second (and third) pair of eyes look over code for syntactic, readability and security concerns. Our process is an informal walk-through in which the participants communicate through email. Hopefully, the pool of available reviewers will expand as more reviews are done and participants learn the process. A&S reserves the right to recover the cost of the time required to review scripts.

The Review Process for the Reviewee.

  1. Code source access. Put your code source someplace where we can access it. Remove any passwords and other compromising configuration information. You can use our CVS server if you need someplace to put your code for evaluation.

  2. Notify the review team. Fill out the Request form located at www.aas.duke.edu/comp/programming/registerform.html. Include a brief description of the code and its location.

  3. Make updates. Read over the review comments and make the necessary updates.

The Review Process for the Reviewer.

  1. Prompt review. Review and respond quickly.

  2. Review for A&S compliance. See the sections on Documentation, File Layout, Logic Structure, Error Handling and Security. Include helpful pointers if you wish. This is a review by peers. Be constructive, not abusive. We want to make better programmers too.
