Mailing List Archive
Re: Software Design (was: Re: [tlug] Confessions of a closet OpenBSDuser)
- Date: Sun, 30 Jun 2002 23:37:38 -0400
- From: Josh Glover <jmglov@example.com>
- Subject: Re: Software Design (was: Re: [tlug] Confessions of a closet OpenBSDuser)
- References: <200206280141.g5S1fqC11383@example.com> <873cv8m2ue.fsf@example.com> <20020628065900.GA4162@example.com> <3D1CDB6F.50807@example.com> <20020629103649.GA10282@example.com> <15646.28625.376744.402507@example.com> <3D1F5015.1040609@example.com> <20020701013738.GA4057@example.com>
- Organization: INCOGEN, Inc.
- User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.0) Gecko/20020606
Uva Coder wrote:
> On Sun, Jun 30, 2002 at 02:38:13PM -0400, Josh Glover wrote:
>
>>I am not sure I follow, Uva? Are you saying that elegance does not
>>matter, or that code can appear to be inelegant and really be elegant?
>
> No, here's an analogy. If you are a bridge builder and the basic
> fundamentals of your bridge design are flawed, then the plans should
> be sent back and revised. Entrusting that the bridge builder has the
> talent to build an elegant bridge doesn't matter if the bridge may
> eventually collapse due to poor design. To sit and blame the bridge
> building techniques doesn't sit well with me. I believe the problem
> actually lies in design, and not the construction.

OK, then I just misunderstood you. This is an excellent analogy, and also just what I was saying: poor design is the root of the problems that *I* see with a lot of Open Source software. The "bridge builders", as you have aptly dubbed them, are damned good at building bridges. They have not, however, been too good at the engineering legwork needed for a solid bridge design.

>>I mean, a webserver exploit is now a kernel exploit. That is *so* much
>>worse than even a root exploit!
>
> This has become something similar to discussing theology; there is
> so much based on long established standards and thoughts.

Yes, and I totally agree with you that fresh ideas are welcome in the security industry, and the software engineering one. After all, Unix was not designed with security in mind. The fact that it has pretty good security (if the admin is willing to practise the black art) is due to a lot of hacking around the lack of serious security in Unix and a lot of elderly software (NFS, anyone?), and when weaknesses emerge, it is due to people finding chinks in the hacks. This is something that a good design would disallow.

IPv6 vs. IPv4 is a great example of a fresh design being superior to crufty old crap that has been hacked to pieces over the years. IP was not supposed to be trusted, and all of our attempts to make it so are nothing more than kludges.

> In the present state of Linux I would agree with you about kernel
> exploits. However, I think this too relates back to bad design and
> old assumptions. Those designs and assumptions served a purpose
> once but are now outdated.

Perhaps.

> It might be easier if I wrote a paper with references, then posted
> it to a convenient location vice failing to explain my point. :-(

Please do! :)

>>I can! ;) Think of it this way, Uva: the system libraries ([g]libc) are
>>userland. Sloppiness here affects any application that is not statically
>>linked against a different set of libraries. How many security
>>vulnerabilities have we seen over the years because of sprintf() and
>>friends being vulnerable to buffer overflows and string format exploits?
>
> I understand your point entirely, but what I'm saying is that it
> doesn't have to be this way. There are so many old assumptions
> that this is how it must be that it doesn't allow for innovation.

I see that now. I think that we both agree on a solution to the problem, and that is to apply some fresh attitudes to software. I am calling for better design, you are calling for radically new design. I say, why not both! ;) But I would settle for some solid software engineering applied to the Unix model, which I feel still has validity.

I hope some developers are reading this thread... ;)

--
Josh Glover <jmglov@example.com>
Associate Systems Administrator
INCOGEN, Inc.