
How would this be caught in typical QA? Unit tests, acceptance tests, and general "usage" would all miss this bug. The only way this will be caught would be code review (is that QA?), or auditing all log files.


How? For example, they could have an acceptance test that greps system logs for any passwords entered by the test suite.
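One way to build the acceptance test described in the comment above, as an added example that is not part of the original thread: the test suite logs in with a unique canary password, then scans the logs for it in plain and commonly encoded forms. The function names, the `*.log` glob and the sample log lines are assumptions made for illustration.

```python
import base64
import secrets
import tempfile
import urllib.parse
from pathlib import Path


def make_canary() -> str:
    # Unique per run, with characters that change under URL encoding.
    return f"Canary {secrets.token_hex(8)}&/+"


def encodings(secret: str) -> dict[str, bytes]:
    # Forms in which a password commonly ends up in a log line.
    # base64/hex only match when the secret was encoded on its own.
    raw = secret.encode()
    return {
        "plain": raw,
        "url-quoted": urllib.parse.quote(secret, safe="").encode(),
        "form-encoded": urllib.parse.quote_plus(secret).encode(),
        "base64": base64.b64encode(raw),
        "hex": raw.hex().encode(),
    }


def scan_logs(log_dir: Path, secret: str) -> list[tuple[str, int, str]]:
    # Return (file name, line number, encoding) for every leak found.
    needles = encodings(secret)
    hits = []
    for path in sorted(log_dir.rglob("*.log")):
        with path.open("rb") as fh:
            for lineno, line in enumerate(fh, 1):
                hits += [(path.name, lineno, form)
                         for form, needle in needles.items() if needle in line]
    return hits


def demo() -> list[tuple[str, int, str]]:
    secret = make_canary()
    with tempfile.TemporaryDirectory() as tmp:
        log_dir = Path(tmp)
        # Constructed sample logs standing in for what the app wrote during the test.
        (log_dir / "app.log").write_text(
            "INFO login ok user=alice\n"
            f"DEBUG body: user=alice&password={urllib.parse.quote_plus(secret)}\n")
        (log_dir / "audit.log").write_text("INFO session created user=alice\n")
        return scan_logs(log_dir, secret)


if __name__ == "__main__":
    print(demo())
```

An empty result from `scan_logs` is the pass condition; a plain `grep` for the literal password would have missed the form-encoded hit in the sample.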



