From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham autolearn_force=no version=3.4.4 X-Google-Thread: 103376,c9d5fc258548b22a X-Google-NewGroupId: yes X-Google-Attributes: gida07f3367d7,domainid0,public,usenet X-Google-Language: ENGLISH,ASCII-7-bit Path: g2news1.google.com!news4.google.com!feeder.news-service.com!news.netcologne.de!newsfeed-fusi2.netcologne.de!newsfeed.straub-nv.de!nuzba.szn.dk!news.jacob-sparre.dk!pnx.dk!.POSTED!not-for-mail From: "Randy Brukardt" Newsgroups: comp.lang.ada Subject: Re: How do I write directly to a memory address? Date: Thu, 3 Mar 2011 18:22:48 -0600 Organization: Jacob Sparre Andersen Research & Innovation Message-ID: References: <67063a5b-f588-45ea-bf22-ca4ba0196ee6@l11g2000yqb.googlegroups.com> <31c357bd-c8dc-4583-a454-86d9c579e5f4@m13g2000yqb.googlegroups.com> <05a3673e-fb97-449c-94ed-1139eb085c32@x1g2000yqb.googlegroups.com> <4d4c232a$0$28967$882e7ee2@usenet-news.net> <4D4D6506.50909@obry.net> <4d50095f$0$22393$882e7ee2@usenet-news.net> <4d6d56c4$0$11509$882e7ee2@usenet-news.net> <16u9ka51wbukr$.1fj2sb73j9rv6.dlg@40tude.net> <4d6d627b$0$11509$882e7ee2@usenet-news.net> <74986d0a-0d5b-4396-8c77-adff72e870a2@d26g2000prn.googlegroups.com> <4d6eafc7$0$17913$a8266bb1@postbox2.readnews.com> <4d6eb309$0$17913$a8266bb1@postbox2.readnews.com> <4d6ed212$0$17960$a8266bb1@postbox2.readnews.com> <8985b302-96b8-4f22-aa4d-d64945047f90@r4g2000prm.googlegroups.com> <4d6ee8e2$0$14912$882e7ee2@usenet-news.net> <4d6f2fcb$0$14547$882e7ee2@usenet-news.net> NNTP-Posting-Host: static-69-95-181-76.mad.choiceone.net X-Trace: munin.nbi.dk 1299198172 21249 69.95.181.76 (4 Mar 2011 00:22:52 GMT) X-Complaints-To: news@jacob-sparre.dk NNTP-Posting-Date: Fri, 4 Mar 2011 00:22:52 +0000 (UTC) X-Priority: 3 X-MSMail-Priority: Normal X-Newsreader: Microsoft Outlook Express 6.00.2900.5931 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5931 X-RFC2646: Format=Flowed; Response Xref: g2news1.google.com comp.lang.ada:17798 Date: 2011-03-03T18:22:48-06:00 List-Id: "Hyman Rosen" wrote in message news:4d6f2fcb$0$14547$882e7ee2@usenet-news.net... > On 3/2/2011 10:01 PM, Randy Brukardt wrote: >> Relational databases have their uses, but they're wildly >> overused for things that are only weakly related to transactional data. >> As >> Dmitry said, there are better approaches to persistence. > > Are there? Relational databases have the feature of *working*. They are > among the most widely used programs, especially in the finance industry > (so you are in fact benefiting from the money Wall Street spends on > them) Yup -- if all you have is a hammer, everything looks like a nail. :-) >... , they scale well from tiny table sizes to enormous ones, Which is the best (and virtually only) reason for using them, IMHO. If you don't need wild scaling, you probably don't need a database. And that is especially true on the "tiny table" side. > and using them is a well-understood art. See my first comment. > If you're working for a company of > reasonable size, it is most likely already using databases, so you can > piggyback on the services the company is already using for maintenance, > support and backup. If a technology needs much maintainence or support, it is already a lost cause. See my 98% note above. People aren't flocking to buy iPhones and iPads instead of Windows netbooks because they could use the same mechanism for maintenance and support! They're buying them because they don't need (much) maintenance and support. A well-designed persistence mechanism is the same thing; it just works as part of your program and considerations about *how* it works are irrelevant. It's the same dynamic that has led to the heavy use of containers rather than roll-your-own data structures in new programs. Interfacing to a database is hard for most programming languages, with a significant disconnect between the data types in the program and in the database. Good persistence mechanisms don't suffer from that. > Do those "better" methods buy you all that? Doing things the same old, "safe" ways also buy you all of the problems of interfacing, the need for experienced database administrators, etc. Does those costs buy enough? Who knows. > > Nor can any URL cause the launching of a shell, because it doesn't have > > the capability to run another program > > Normal web servers offer the ability to launch scripts based on URL > patterns (CGI, remember?), so this means you have failed to implement > a standard bit of functionality. Given that I don't need or want that functionality, all I'm doing is following the important principle of least priviledge (admittedly a bit extremely). The advice is always don't run services you don't need, don't give permissions to users that don't need them, etc. I'm doing the same here, don't provide a way to launch programs because I don't need it. Note that my web server (as opposed to the AWS package discussed here by others, please don't be confused by the similar names) was never intended to do anything beyond run the web sites I'm responsible for. Someone else could take the source code and tailor it for another site, but the entire idea was to make the security as strong as possible by requiring anything that the web site could respond to be compiled-in Ada code. I'm planning to port the code to Linux in the near future, which will eliminate it's primary weak link (running on top of Windows). I'm well aware that other people have different requirements. There is no one-size-fits-all answer to security or functionality. Randy.