On Sat, Jun 14, 2014 at 01:47:16AM +0100, Andrew wrote: > Saying that docker (of all things) will produce impedance mismatches > between different components and ruin composition seems a little > premature and unfounded.
For some reason when I think of his complaint I cannot help but think of how on old Macintoshes (before OS X), you could use NFS to create files on Unix file servers that contained / (forward slash) in the file name. Good luck erasing that! In 2009 we all saw what a stray NUL can do in a x509 certificate; NULs can easily end up causing problems because of impedance mismatch between C and 8-bit-clean languages and OSes. Systems that attempt to prevent SQLi can also fail to catch Unicode half quote, which is sometimes a problem, depending on RDBMS. You can't simply swap them out for reasons like this. Perhaps he means something like those. It is not always the case that impedance matches cause problems; for example, we compile to various hardware platforms from a common language. In that case the higher level concepts are mapped, with a great deal of care, to lower level building blocks. CPU instructions are implemented as gates. I am aware that there are security-relevant compiler and CPU bugs but they have not seemed to be as widespread or as severe. Perhaps this is merely due to lack of attention. What seems to be more problematic is when we attempt to build one function using a building block at the same level of a conceptual hierarchy; for example when we try to get ext2fs to behave as NTFS or BSD FFS or something like that. -- http://www.subspacefield.org/~travis/ I'm feeling a little uncertain about this random generator of numbers.
pgpEpiW6el372.pgp
Description: PGP signature
_______________________________________________ langsec-discuss mailing list langsec-discuss@mail.langsec.org https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss
