Re: Re: Module testing using passwords

Sounds good so far:

First point: We really don't have spare equipment to do this with, and I don't think I can make the assumption that a random sysadmin grabbing this from CPAN (should it end up there) will either. Perhaps you're talking about writing some sort of simulator?
I've been trying to avoid requiring Module::Build to be installed as a prerequisite for these packages (the main disadvantage of Module::Build over ExtUtils::MakeMaker is that it isn't (yet) included in the core).
As the module currently sits, I do use the environment variable method, and my main reason for posting was the concern that setting sensitive information like this in the environment is little to no more secure than having it on the command line. Indeed, environment variables are usually set on the command line, either in the make command or via setenv.

This package should only be installed by network administrators and preferably on a server with only net admins as users. Perhaps a warning in the README to this effect, right under the part of the install instructions that describe the environment variables used, will suffice. On the other hand, it would likely be better to prompt if possible, just like Net::Telnet::Cisco does, and other replies indicate it does work.

Thanks much.

Update: forgot to put the URL in the link for Net::Telnet::Cisco, it's there now.

Comment on Re: Re: Module testing using passwords

Replies are listed 'Best First'.
Re: Re: Re: Module testing using passwords by adrianh (Chancellor) on Mar 09, 2004 at 11:26 UTC
We really don't have spare equipment to do this with, and I don't think I can make the assumption that a random sysadmin grabbing this from CPAN (should it end up there) will either. Perhaps you're talking about writing some sort of simulator? Yup, a simulator is what I'm talking about - have a google for mock objects. You can do similar things with external code/servers. For example I have some tests for some code that talks to sendmail that fires up my own binaries. Because you're using a simple simulator you make it do whatever you want, making it much easier to test error handling code (e.g. how would you test a "real" server aborting a connection half way through). I've been trying to avoid requiring Module::Build to be installed as a prerequisite for these packages (the main disadvantage of Module::Build over ExtUtils::MakeMaker is that it isn't (yet) included in the core). Fair point. For me the pain in having to reinvent the wheels that Module::Build provides now outweigh the pain of having to get yet another module installed. As ever YMMV :-)	[reply]

Replies are listed 'Best First'.

Re: Re: Re: Module testing using passwords
by adrianh (Chancellor) on Mar 09, 2004 at 11:26 UTC

We really don't have spare equipment to do this with, and I don't think I can make the assumption that a random sysadmin grabbing this from CPAN (should it end up there) will either. Perhaps you're talking about writing some sort of simulator?

Yup, a simulator is what I'm talking about - have a google for mock objects. You can do similar things with external code/servers. For example I have some tests for some code that talks to sendmail that fires up my own binaries. Because you're using a simple simulator you make it do whatever you want, making it much easier to test error handling code (e.g. how would you test a "real" server aborting a connection half way through).

I've been trying to avoid requiring Module::Build to be installed as a prerequisite for these packages (the main disadvantage of Module::Build over ExtUtils::MakeMaker is that it isn't (yet) included in the core).

Fair point. For me the pain in having to reinvent the wheels that Module::Build provides now outweigh the pain of having to get yet another module installed. As ever YMMV :-)

[reply]