12 Guidance in legacy code
This chapter covers
- How to deal with ambiguous parameters
- Security issues caused by logging
- How DRY is about ideas, rather than text
- Absence of negative tests as a warning sign
- Introducing domain primitives in legacy code
Once you’ve grokked the fundamentals of the secure by design approach, you can start applying the concepts when writing code. This is usually easier when you’re doing greenfield development, but you’ll most likely spend a lot of time working on legacy codebases—codebases that weren’t created with a secure by design mindset. When working on such codebases, it can be difficult to know how to apply the concepts you’ve learned in this book and where to start.
In this chapter, you’ll learn how to identify some problems and pitfalls that we’ve found are common in legacy codebases. Some of them are easy to spot, and others are more subtle. We also provide you with tips and advice on how to rectify them. Some issues require more effort than others, so you need to choose your approach based on your situation. Hopefully this chapter will provide you with enough guidance to make that choice easier.