comp.lang.ada
From: "Randy Brukardt" <randy@rrsoftware.com>
Subject: Re: status of PL/I as a viable language
Date: Fri, 21 Feb 2003 14:51:01 -0600
Message-ID: <v5d4ecdfopogde@corp.supernews.com>
In-Reply-To: 1045839283.86671@master.nyc.kbcfp.com

Hyman Rosen wrote in message <1045839283.86671@master.nyc.kbcfp.com>...
>I've mentioned this many times before. Language checks such as
>bounds checking, pointer checking, and overflow checking are
>fine for testing. But when the application is released, it is
>better to disable such checks in cases where continued operation
>is important, because it's more likely that a program which
>"gets away" with making such an error can keep working, whereas
>detecting the error will just blow the program away.


Usually it is better to make the checks and prevent the "wrong answer".
This is, after all, the cause of so many of the security holes on the
Internet.

The web server for AdaIC is written in Ada. I've left all of the
checking on, and provide a global exception handler for each worker
thread. Thus, the worst that can happen for a mistaken check is for the
currently processed operation to be abandoned (the server sends an
internal error response to the client). That prevents all sorts of
security holes from buffer overflows and the like.

It of course does not prevent all errors, but it allowed me to focus on
blocking the common security problems that are algorithmic in nature,
like traversal errors.

Although the code has had a variety of buffer overflow and other bugs
cause individual operations to fail, the server has continued to run and
process other operations correctly for the entire 18 months. (And, all
failures have been logged so that the cause can be tracked down easily).
This has allowed the focus to be on the web site's contents, not on
keeping the server running.

There probably are cases where it is better to run with checks off. (We
always did that with Janus/Ada for MS-DOS, just to keep the compiler
size manageable. That's not an issue on Windows.) But I would generally
prefer to err on the side of leaving checks on unless it is necessary to
do otherwise.

               Randy.
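
[Added example, not part of the original message and not code from the
AdaIC server: a sketch of the pattern the message describes, with a
per-worker exception handler around each operation and language checks
left on. The names Checked_Worker_Demo, Handle and Serve, the 16-character
buffer and the request paths are all constructed for illustration.]

```ada
with Ada.Text_IO;    use Ada.Text_IO;
with Ada.Exceptions; use Ada.Exceptions;

procedure Checked_Worker_Demo is

   --  Deliberately buggy request handler (constructed): copies the path
   --  into a 16-character buffer without checking its length first.
   function Handle (Path : String) return Natural is
      Buffer : String (1 .. 16) := (others => ' ');
   begin
      for I in Path'Range loop
         --  With checks on, index 17 raises Constraint_Error here
         --  instead of writing past the end of Buffer.
         Buffer (I - Path'First + 1) := Path (I);
      end loop;
      if Buffer (1) = '/' then
         return 200;
      else
         return 400;
      end if;
   end Handle;

   task Worker;  --  stands in for one worker thread of the server

   task body Worker is
      procedure Serve (Path : String) is
         Status : Natural;
      begin
         begin
            Status := Handle (Path);
         exception
            when E : others =>
               --  Abandon only this operation: log the failure and
               --  answer with an internal error response.
               Put_Line (Standard_Error,
                         "request failed: " & Exception_Information (E));
               Status := 500;
         end;
         Put_Line (Path & " ->" & Natural'Image (Status));
      end Serve;
   begin
      Serve ("/index.html");
      Serve ("/a/very/long/path/that/overflows.html");  --  fails, logged
      Serve ("/about.html");                            --  still served
   end Worker;

begin
   null;  --  the main procedure waits here until Worker terminates
end Checked_Worker_Demo;
```

[The second request gets 500 and a logged Constraint_Error; the third is
processed normally. With the index check suppressed (pragma Suppress), the
same loop would write past Buffer and execution would be erroneous.]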
