Gerald Combs wrote: > We could add a preference item which lets the user disable SE canaries. > Maybe a slider with "fast" on one end and "safe" on the other, just to > let them know what they're getting into. :)
Not knowing the extent of the ":)" above, it is worth pointing out that users are not programmers. They do not understand the difference between "fast" and "safe", and expect that all software they run is both fast and safe simultaneously. Further, any hint at all that software is not "safe" or has a user preference to make it less "safe" is bad IMHO. In my view, validating the correctness of a program (to the extent possible) is not the responsibility of the user. They should not be penalized (performance, memory usage) because of a programmer's lack of skill (in validating his own work before release). By all means, leave this kind of check as a compile option. Just like other recommendations for validation (like fuzz testing), indicate that programmers (of Wireshark proper and plugins) validate using a version with canaries. Sorry if I am way off base on this... Just my $.002. -Bryant ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <[email protected]> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:[email protected]?subject=unsubscribe
