qmail + secure coding + djb

Yesterday night I came across this Slashdot post, and went on to read the article. It is a review of the 10+ year history of qmail, a widely used MTA, written by Daniel Bernstein. It focuses on what made qmail a secure software, and it has some interesting views on software development models. It also touches some common pitfalls, viz. chasing attackers instead of fixing the bugs they use, minimizing privilege (I don’t really agree with his views here: while it may not solve all security bugs, not abiding by the principle of least privilege will either give way to new bugs, or increase the threat of existing ones, or both), and last but not least, the evil principle of speed optimization (“the root of all evil” vide Knuth):

  The most obvious effect of the pursuit of speed is that
programmers put effort into low-level speedups [sic], attempting
to save time by tweaking small sections of code.
Programmers know when they’re doing this. They see
the increased programming time. They see the increased
bug rate. They are generally quite happy to change their
engineering process to skip almost all of this effort. Knuth’s
commentary seems to be aimed at novice programmers who
don’t understand how to use profiling tools.

These and other ideas are developed in the subsequent sections of the paper. A good reading overall, if somewhat long for the substance it contains.


Os comentários estão fechados.