Chris: Given how secure qmail of djbdns are, ever wonder why they aren't more popular? Lack of flexibility is a real killer, but the simplicity found in djb's work is also its best feature.
Crash-only design is part of that simplicity. It is certainly an interesting way to create robustness--through failure. And it's not how I want my car to run, or even my cell phone. Both are vastly more complex than qmail, but having my car decide to die while I am navigating during rush hour could result in people dying. We need our distributed software to be more robust to failures, whether when opening a file or dealing with perhaps deliberately malformed input. DJB's ideas are important, but not something to worship. Rik On Wed, Dec 31, 2014 at 1:49 PM, Chris Palmer <snackypa...@gmail.com> wrote: > On Wed, Dec 31, 2014 at 10:10 AM, Rik Farrow <r...@rikfarrow.com> wrote: > >> Wow. I suggest your read this paper: > > Did you read the crash-only paper? > >> Really, why crash when you fail to open a file or obtain a lock? > > Consider the design of qmail. > > > -- > http://noncombatant.org/ _______________________________________________ langsec-discuss mailing list langsec-discuss@mail.langsec.org https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss
