Anyone who is into computer security and software development should read this paper by Daniel J. Bernstein, the man behind qmail. My favorite part of the paper:

To this very day, idiot software managers measure ‘programmer productivity’ in terms of ‘lines of code produced,’ whereas the notion of ‘lines of code spent’ is much more appropriate.
—Dijkstra in [9, page EWD962–4]

No offence to managers who may be reading this, but please do not be one of those described by Dijkstra. Some readers may argue that the paper is outdated because modern-day non-C++ languages are spared certain classes of bugs related to C/C++.

I beg to differ, because no programming language can preempt and prevent a user’s stupidity and laziness.


    2 Responses to “10 years of qmail 1.0”

    1. GunBlad3 says:

      Have read through the paper. Can’t really understand some of the sections eh, at least for now =P

      Some of the concepts are interesting too. Would they be relevant/applicable in non-C environments?

      Maybe the answers will come when I get a better grasp of the paper itself ;)

    2. Jym says:

      Least privilege vs less reliance on trusted code is the confusing part.
