From: "Randy Brukardt" <randy@rrsoftware.com>
Subject: Re: Derived private interface
Date: Thu, 28 Jul 2011 18:24:38 -0500
Date: 2011-07-28T18:24:38-05:00 [thread overview]
Message-ID: <j0sr3n$ejs$1@munin.nbi.dk> (raw)
In-Reply-To: b0633538-6038-4167-860f-65ee9e7cddcc@k9g2000yqf.googlegroups.com
"Maciej Sobczak" <see.my.homepage@gmail.com> wrote in message
news:b0633538-6038-4167-860f-65ee9e7cddcc@k9g2000yqf.googlegroups.com...
On Jul 27, 1:43 am, Jeffrey Carter
<spam.jrcarter....@spam.not.acm.org> wrote:
...
>> for the significant improvement in ease of reading and
>> understanding that results.
>
>Did you try that with web servers?
Fasinating. While I agree with most of your points, it is interesting that
the web server that runs the AdaIC archive site, the ada-auth.org site, the
search engine for the RM, and RR Software's web site (which is an all-Ada
design based on Claw's socket library) uses very little OOP. The only OOP in
it is in the low-level socket operations, mainly because Claw sockets are an
OOP design. But all of the high-level stuff is implemented as a table-driven
approach (special handling, domain roots, and the like are all described in
data form), and the specialty handlers (like the search engine) are all
called from case statements driven from those data tables.
The design was driven by an extra-paranoid approach to security: if the
server had any way for a URL to execute foreign code (a plug-in), then it is
highly likely that an attacker would find a way to use buggy URL to execute
some foreign code of their choice. Thus the ability to execute foreign code
is not provided at all -- all handlers have to compiled into the web server.
(Combined with Ada's near prevention of buffer overflows and stack attacks,
the two most common vectors of the time were firmly plugged. Of course,
traversal prevention and sanitization of parameters still have to be
accomplished -- there is no silver bullet to security.) Once you've done
that, there isn't much benefit to an OOP approach, since you have to
enumerate all of the handlers somewhere in any case.
Randy.
next prev parent reply other threads:[~2011-07-28 23:24 UTC|newest]
Thread overview: 63+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-07-05 3:14 Derived private interface Rego, P.
2011-07-05 5:10 ` AdaMagica
2011-07-06 2:24 ` Rego, P.
2011-07-06 4:34 ` AdaMagica
2011-07-06 7:55 ` Georg Bauhaus
2011-07-06 8:30 ` AdaMagica
2011-07-06 12:59 ` Georg Bauhaus
2011-07-06 13:23 ` AdaMagica
2011-07-06 19:06 ` Randy Brukardt
2011-07-06 13:28 ` Simon Wright
2011-07-06 19:45 ` Randy Brukardt
2011-07-06 22:05 ` Georg Bauhaus
2011-07-06 23:56 ` Adam Beneschan
2011-07-07 14:09 ` Georg Bauhaus
2011-07-07 15:10 ` Adam Beneschan
2011-07-08 4:29 ` AdaMagica
2011-07-08 19:08 ` Randy Brukardt
2011-07-08 19:12 ` Randy Brukardt
2011-07-07 15:19 ` Georg Bauhaus
2011-07-07 10:37 ` Stephen Leake
2011-07-07 13:18 ` Georg Bauhaus
2011-07-08 19:23 ` Randy Brukardt
2011-07-08 21:41 ` Jeffrey Carter
2011-07-09 6:14 ` Dmitry A. Kazakov
2011-07-22 22:59 ` Randy Brukardt
2011-07-23 7:30 ` Jeffrey Carter
2011-07-23 9:29 ` Maciej Sobczak
2011-07-23 10:07 ` Dmitry A. Kazakov
2011-07-26 21:04 ` Randy Brukardt
2011-07-26 23:43 ` Jeffrey Carter
2011-07-27 23:56 ` Randy Brukardt
2011-07-28 0:18 ` Jeffrey Carter
2011-07-28 10:06 ` Maciej Sobczak
2011-07-28 23:24 ` Randy Brukardt [this message]
2011-07-29 6:45 ` Simon Wright
2011-07-30 0:04 ` Randy Brukardt
2011-07-30 6:32 ` Simon Wright
2011-08-01 9:30 ` Alex R. Mosteo
2011-08-01 10:12 ` Dmitry A. Kazakov
2011-08-01 21:56 ` Randy Brukardt
2011-08-02 10:03 ` Dmitry A. Kazakov
2011-08-02 21:16 ` Randy Brukardt
2011-08-03 9:01 ` Dmitry A. Kazakov
2011-08-03 20:16 ` Randy Brukardt
2011-08-04 8:15 ` Dmitry A. Kazakov
2011-08-09 21:10 ` Maciej Sobczak
2011-08-09 21:35 ` Randy Brukardt
2011-08-10 9:11 ` Dmitry A. Kazakov
2011-08-10 21:56 ` Randy Brukardt
2011-08-11 8:07 ` Dmitry A. Kazakov
2011-08-12 4:52 ` Randy Brukardt
2011-08-12 8:54 ` Dmitry A. Kazakov
2011-08-10 10:07 ` Maciej Sobczak
2011-08-10 11:26 ` Georg Bauhaus
2011-08-10 22:27 ` Randy Brukardt
2011-08-10 22:21 ` Randy Brukardt
2011-08-11 13:50 ` Maciej Sobczak
2011-08-12 4:43 ` Randy Brukardt
2011-08-12 7:00 ` Maciej Sobczak
2011-08-12 21:59 ` Randy Brukardt
2011-07-06 15:06 ` Adam Beneschan
2011-07-06 16:36 ` Dmitry A. Kazakov
2011-07-06 19:20 ` Randy Brukardt
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox