[prev in list] [next in list] [prev in thread] [next in thread] 

List:       maradns-list
Subject:    What if Mariana Torres became my wife?
From:       e8mhpsznamq001 () sneakemail ! com
Date:       2002-02-25 20:57:42
[Download RAW message or body]

[Christian asked about an OS with a better security model]

As it turns out, that OS with a better security model
is right under our noses; it is called Linux.  "man 2
capset" is the ticket.  There is also the EROS project at
http://www.eros-os.org/; however that code is going to take
a while to be usable (if it will ever happen; free software
projects have this annoying of mysteriously dying).

The problem with using capset is that I have just changed
my application from being a cross-platform UNIX application
to being a Linux-only application.  Quite frankly, I think
all of the other Unixes should close the Linux capset()
capabilities; Linux is, for better IMHO, the leading UNIX
right now.  Solaris and AIX, of course, are more scaleable at
the high end.  Linux, however, is catching up while the old
"big iron" Unixes are standing still.

[And a nice discussion about "What would we do if Bill Gates
 GPLed Windows"]

You know, the nature of these discussions is akin to asking
"What would I do if Mariana Torres (The actress, not the tennis
player) decided to marry me?"  Well, I would have a beautiful
girl as a wife; however I think it would be a challenge to have
a wife who every guy on the street wanted to get together with.
And, of course, her fame, such as it is, may get in the way
of us doing things together in public.

If Bill Gates GPLed Windows and Office (which is about as
likely to happen), the de facto standard of desktop computing
would finally be open and free.  Spyware would quickly cease
to be a problem because people would, in very short order,
post patches which stop the nefarious spyware activities.  I am
sure the code is messy and difficult to maintain, of course.
Then again, it is probably readable enough that people would
be able to to fix the most obnoxious security holes.

I am sure that I would switch from Linux to Windows were this to
ever actually happen.  I would suddenly be able to run a lot of
programs which I currently can not run on Linux; and I would be
more "in sync" with the desktop computers that most people use.

As for free software on Windows, anything of importance has
been ported there, including MaraDNS (via cygwin).  In fact,
I recently downloaded and installed Mozilla 0.9.8 on a Windows 
machine I am using so that I could disable those annoying pop up 
ads.

[The HTML email rant and Christian's reply]

Posting that particular rant felt good; I feel that I finally
articulated in a reasonable manner one of the biggest annoyances
I have with a lot of the UNIX mind set.  Of course, the fact
that normal UNIX text email looks like garbage on my particular
webmail account does not help.

Christian, I feel that you have posted one of the most
reasonable arguments, as such arguments go, against HTML mail.
I personally can not speak on behalf of third world countries;
however I believe that there are people on this list still
using shell accounts to get on the internet (please pipe up
if you are one of these people).

I know that in the one developing country I have visited,
Mexico, they have plenty of internet access; it, however,
is paid for by the hour (between one and three dollars an
hour), and is accessed via Windows machines in cyber cafes.
Everyone there that I emailed, without exception, uses a
webmail account to access email.

Email, as it turns out, is the only really reasonable way
to keep in touch with people down there.  Phone calls are
expensive, especially going out from Mexico, and postal letters
take a month to get delivered.

Anyway, here is a GPG sig for maradns-0.9.13.tar.gz (note
the .GZ):

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQA8egIiC+jWrh5h/KYRAmM2AJ48HPnvKhaeUMUCv7d54RDYQ3TUhQCfbD8G
YmJyVYmQ2ZzGnoBJVjgBhS0=
=oT1z
-----END PGP SIGNATURE-----

If anyone at all is still seeing the freeze ups, please let
me know.  If you do encounter a freeze up, here are some things
to check:

* See if you can still get the version number of MaraDNS by
  sending a TXT query for "erre-con-erre-cigarro.maradns.org"
  to the MaraDNS server (e.g. 
  "dig @127.0.0.3 erre-con-erre-cigarro.maradns.org txt" or
  "askmara Terre-con-erre-cigarro.maradns.org. 127.0.0.3").

* See if MaraDNS is up against the wall in terms of the number
  of threads open; MaraDNS on Linux does not answer queries once
  the thread limit is reached.  This can be done by a 
  "ps auxw | grep maradns | wc -l" or, to simply see the 
  processes "ps auxw | grep maradns".

* See if there is a large UDP send-Q for the MaraDNS process
  in question; this indicates that MaraDNS is not even listening
  for UDP requests, or that MaraDNS is getting requests faster 
  than she can process them.  To see this, run "netstat -na".  
  A MaraDNS instance without a UDP send queue will look like this:

        udp        0      0 127.0.0.3:53            0.0.0.0:*

  One with a send queue will look like this:

        udp    65520      0 127.0.0.3:53            0.0.0.0:*

In the meantime, I am closing the freeze up bug; the next
release will start the rewrite of the DNS decompression code.
I need to get this right; the decompression code is the "front
line" in terms of validating a DNS packet and making sure that
there is not invalid, potentially exploit creating data there.

I hope to get MaraDNS 1.0 out soon; having a program perpetually
in a code freeze gets frustrating after eight months.

- Sam

[prev in list] [next in list] [prev in thread] [next in thread]