0

To start with, I am dangerously bad at security. I am aware of this, which is why I'm asking for help to figure this out.

I have a POCO object, which is exposing an ICollection of a model object, so that I can act on it. Is there an inherent flaw in allowing this, or should I preferably be looking for another way to get the info I need from the Model objects without storing them in the POCO?

rp.kelly
  • 35
  • 4
  • You haven't provided enough info to get a good answer. Both a poco and a model are but classes, and they themselves have no bearing on security. – Andrew Hoffman Dec 02 '14 at 19:44

1 Answers1

0

No - there is nothing inherently insecure about having a POCO that exposes a collection model objects.

Depending on how you use user input to interact with any object and depending on what you do with that data later can open you up to potential security vulnerabilities, but without seeing your code it's impossible to say if this is something you should be concerned about.

Abe Miessler
  • 8,195
  • 11
  • 49
  • 73