Re: Shipping Vera with 2.4
- From: Bastien Nocera <hadess hadess net>
- To: Havoc Pennington <hp redhat com>
- Cc: Michael Meeks <michael ximian com>, GNOME Desktop Hackers <desktop-devel-list gnome org>
- Subject: Re: Shipping Vera with 2.4
- Date: 27 Feb 2003 17:30:54 +0000
On Thu, 2003-02-27 at 17:20, Havoc Pennington wrote:
> Hi,
>
> On Thu, Feb 27, 2003 at 02:51:14PM +0000, Michael Meeks wrote:
> > There are also the following bugs/mis-features I saw with a brief
> > glance, correct me if I'm wrong:
> >
> > * missing syscall error handling
> > * blocking accept
> > * not handling EINTR
> > * assuming non-blocking / short reads [ possibly in-spec,
> > perhaps better to use NON_BLOCK ].
> > * blocking connection write
> > * no error checking / short write handling on write
> > * server_cb locks in a tight loop on 'read' error
> > * looks like it creates an insecure, world writable /tmp
> > Unix domain socket -> instant, huge security hazard
> > * doesn't do collision checking => instant DOS attack.
> >
>
> This is mostly bogus; for example the EINTR handling is in the
> wrappers around the syscalls, you just didn't see it, short write
> handling also exists, and no /tmp UNIX domain socket is created
> anywhere as far as I know. Maybe in the test suite. Are there lots of
> bugs? Sure. But you're just making some of this stuff up.
Misunderstanding here Havoc. Michael was talking about my
bacon-message-connection thingo which I'm using while waiting dbus,
which I used in the argument to point out the ease of use of such an API
for ad-hoc IPC.
Michael already knows that much of these are bogus arguments for a
simple IPC, I answered to the other issues in my other mail.
Cheers
--
/Bastien Nocera
http://hadess.net
#2 0x4205a2cc in printf ("Oh my %s\n", preferred_deity) from
/lib/i686/libc.so.6 printf ("Oh my %s\n", preferred_deity);
Segmentation fault
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
