That is indeed one important question, but there was another one, the question of whether this was a denial of service attack exposure, which it is not. I'm not disagreeing that it would be nice if there were some sort of "are you sure" safety net before the system proceeded to try to do something suicidal, but that's a design and requirements question, not a defect question.
- Bill Holder, z/VM Development, IBM

On Thu, 17 Sep 2009 17:36:44 -0400, David Boyes <dbo...@sinenomine.net> wrote:

>On 9/17/09 2:16 PM, "Adam Thornton" <athorn...@sinenomine.net> wrote:
>
>> "Administrator typo" is not a failure mode the operating system is
>> designed to protect you from.
>
>That may be true now, but I think the point of the argument is that it
>should not be.
>
>On VMS, if you have a SYSTEM priv bit set, the system will still warn you if
>you're about to do something that seems stupid. If there is an architected
>limit (note that the 9.7TB got clipped to 8TB, so SOMETHING noticed a
>problem), then it's not too unreasonable for the system to take defensive
>measures and issue a warning that all is not right in the kingdom of
>Denmark, cream or no cream dresses.
>
>It seems like a basic defense that if CP notices you starting something that
>it KNOWS it may not have resources to complete, requiring confirmation that
>you know what you're doing (or about to do) is a good defensive measure.
>
>Did the system do what you told it to do when you told it to do it? Yes.
>Whether it should march off a cliff without at least questioning the order
>is the question at hand.
>
>-- db