Open pipipipi2002 opened 1 year ago
We do not believe the severity should high as in the first place a user should not be tampering with the save file of the program. Analogously it would be like a user tampering with the source files of the program and expecting it to still work the same. In this case it is highly unlikely that a normal and non malicious user would tamper with the save files.
Team chose [response.Rejected
]
Reason for disagreement: CS2113 requires any database to be user editable, and the txt file is a user editable file.
Thus, it is expected that users can edit the data and potentially cause an invalid format in the file itself. Thus, regardless of the probability that a normal user would tamper the file, a good software practices is always to check for valid file, so as to prevent any malicious intent or security threats. It is not enough to assume user would do what they normally do.
Thus I diagree with the team response.
Team chose [severity.Low
]
Originally [severity.High
]
Reason for disagreement: As this is violating the CS2113 TP constraint,
I maintain my severity level at High.
I tried to tamper the
newpc.txt
by removing a data point and it failed to run the program afterwards