Date: Fri, 1 Feb 2002 22:31:12 -0500 From: Brian T.Schellenberger <bts@babbleon.org> To: Terry Lambert <tlambert2@mindspring.com> Cc: Paul Fardy <pdfardy@mac.com>, current@FreeBSD.ORG, stable@FreeBSD.ORG Subject: Re: Junior Annoying Hacker Task Message-ID: <20020202033112.5490F406A@i8k.babbleon.org> In-Reply-To: <3C5B42FA.858F36A8@mindspring.com> References: <5F46C986-16DB-11D6-8CEC-00039359034A@mac.com> <20020202005621.841F4406A@i8k.babbleon.org> <3C5B42FA.858F36A8@mindspring.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Friday 01 February 2002 08:38 pm, Terry Lambert wrote:
> "Brian T.Schellenberger" wrote:
> > - There is not a single point of failure for all progams; it only
> > controls basic system functions and services, it does not control
> > applications, so if it fails, your applications aren't all screwed up,
> > and if your applications screw up terribly they can't corrupt your basic
> > system.
>
> firewall_enable="NO"
I wouldn't think of a firewall as an application program.
I can be certain that installing or corrupting or otherwise screwing up my
text editor, my image-editing program, by CD-management program, my financial
program, my DVD-viewing program, my newsreader, or my browser won't break my
firewall.
That's the big drawback of the stupid "registry" idea.
> > Indeed, the lack of an API to *write* to /etc/rc.conf is one of it's
> > greatest strengths: It is far less vulnerable to major corruption if
> > things go nutty.
>
> "vi"? "sed"? "any text editor"?
Yes, but application programs aren't writing to it. You only write to it
when you set down to do it. So "vi" acts like "regedit", except that it's
much easier to find things & manipulate since you have the same interface to
that file that you have to everything else.
(For example, Linux maintains kernel options in much this same way, but it's
*much* easier to just with an editable (commented) kernel config file; that's
a big part of the reason I went back to FreeBSD.
> The lack of constraints on how one may interact with the rc.conf
> is one of its main weaknesses. A single missing quotation mark
> will result in an inaccessible system, if you don't have console
> access, and one that must be repaired, if you do.
>
> There's not even a "virc" equivalent to "vipw", that can do a
> consistency check on the file to make sure it's "sourceable" by
> a shell script, before permitting the edits to replace the valid
> contents, and keep a backup of the previous file for you.
I've never so messed myself up, but I can see where that would be a problem.
*This* is a good idea, actually.
> Alternately, we can just call a spade a spade, and admit that
> what we have is a flat file registry, which pretends to be
> hierarchical by using "_" as a hierachy delimiter for component
> seperation.
I don't see that at all--the most distinctive characteristic to me of the
Microsoft Windows Registry is that it tries to be a *single* place where
*all* configuration information--both system and application--is written. If
you ask Microsoft I'm pretty sure they'd tell you that's it's prime advantage
and I claim that it's prime drawback. Either way, that's what most
distinguishes it.
> Actually, this is a lot like the Manx subdirectory support in
> the shell program that came with the developement environment,
> and used "topdir/subdir/finaldir" as the name of the directory,
> and simply hid the names of all but the last component. 8-).
Building this information into a directory hierarchy sounds clever but gives
me nightmares in recalling the startup / daemon control in Linux (using the
AT&T scheme, I believe)--which sounds like a good idea in theory but I always
found was an absolute nightmare in practice.
>
> -- Terry
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-stable" in the body of the message
--
Brian T. Schellenberger . . . . . . . bts@wnt.sas.com (work)
Brian, the man from Babble-On . . . . bts@babbleon.org (personal)
ME --> http://www.babbleon.org
http://www.eff.org <-- GOOD GUYS --> http://www.programming-freedom.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020202033112.5490F406A>