Test-TempDatabase reviews

cpanratings
 

RSS | Module Info | Add a review of Test-TempDatabase

Test-TempDatabase (0.12) *

Test-TempDatabase is dangerous. It is a test module but requires PostgreSQL superuser privilege. Running potentially-may-have-bug test suites with superuser privilege is out of mind.

This is especially true for us CPAN testers. We CPAN testers run tests for tens of unknown modules per day from all over the world. Not knowing what module we are testing but requiring us to grant a superuser privilege, is insane.

It is more reasonable to ask the PostgreSQL group to add a “create temporarily database” non-superuser privilege than using this module.

依瑪貓 - 2007-11-04T00:12:53 (permalink)

10 out of 10 found this review helpful. Was this review helpful to you?  Yes No

Test-TempDatabase (0.02) *

This module has poor security that can be avoided. It makes system calls from the user input without any validation:

`createdb $db_name >& /dev/null`;

The same thing could accomplished easily without using a system call. ("CREATE DATABASE" can issued from within DBI and has a chance of being portable).

Mark Stosberg - 2005-01-03T10:16:48 (permalink)

6 out of 6 found this review helpful. Was this review helpful to you?  Yes No

Test-TempDatabase (0.02) *


This module doesn't provide options to specify what database one wants: only Postgres is used, so if one doesn't have DBD::Pg, one cannot use it.

What does creating a temporary database have to do with Testing? It should be called something like DB::Temp.

The abstract/author sections of the Makefile.PL are not updated, and the requirement for DBD::Pg is not specified in the Makefile.PL. Nor has Changes been updated.

Robert Rothenberg - 2005-01-03T07:29:29 (permalink)

5 out of 5 found this review helpful. Was this review helpful to you?  Yes No
1 hidden unhelpful review