| From: | Lamar Owen <lamar(dot)owen(at)wgcr(dot)org> |
|---|---|
| To: | "Dann Corbit" <DCorbit(at)connx(dot)com>, "Bruce Momjian" <pgman(at)candle(dot)pha(dot)pa(dot)us>, "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | "Sir Mordred The Traitor" <mordred(at)s-mail(dot)com>, <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: @(#)Mordred Labs advisory 0x0007: Remove DoS in PostgreSQL |
| Date: | 2002-08-26 18:40:54 |
| Message-ID: | 200208261440.54047.lamar.owen@wgcr.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Monday 26 August 2002 02:23 pm, Dann Corbit wrote:
> An alarmist style when posting a serious error is a good idea.
> "Hey guys, I found a possible problem..."
> Does not seem to generate the needed level of excitement.
> DOS attacks means that business stops. I think that should generate a
> furrowed brow, to say the least.
The historical style on this list has avoided histrionics -- although I have
myself been guilty of the hyperbole problem. Making a big stink in no wise
guarantees it being heard, and may very well cause some to bristle, as Tom
has done. It just doesn't fit the style of this list, that's all.
> As long as the needed data is included (here is how to reproduce the
> problem...) I don't see any problem.
When you have to read and process nearly 1,000 e-mails a day (as I have had to
do, although my average is a mere 400 or so per day), the subject line and
the first screenful of the message will be looked at, and no more. The
substance needs to be early in the message, and the subject needs to be short
and descriptive. These are just simply traditions, protocols, and ettiquette
for Internet mailing lists, as well as other fora such as Usenet.
If someone wants me to pay attention to a message, the subject needs to be on
the point, and the point needs to be early in the message. Otherwise I may
simply be so rushed when it arrives in my mailboxen (more than one, as I have
autorouting mail filters in place) that it gets ignored. I know I am not
alone in processing mail this way.
> > And dealing with a real name would be nice, IMHO. Otherwise
> > we may end up
> If he wants to call himself 'Sir Modred' or 'Donald Duck' or 'Jack the
> Ripper' or whatever, I don't see how it matters. He is providing a
> valuable service by location of serious problems. These are the sort of
> thing that must be addressed. This is the *EXACT* sort of information
> that is needed to make PostgreSQL become as robust as Oracle,
> SQL*Server, DB/2, etc.
I'm sorry, but I have more respect for someone who isn't afraid to use their
real name. I've been on both sides of that fence. Even in the security
business, where people routinely use pseudonyms, I personally prefer to know
their real name. If I _know_ Aleph One is Elias Levy, then that's easy
enough. If the information is easily available, then that's enough.
So, it makes a difference to me, like it, lump it, or think it's insane.
And, yes, I agree he IS providing a valuable service -- with that I have no
complaints. But there is a distinct civility and culture to this list, and
I'd like to see it stay that way.
--
Lamar Owen
WGCR Internet Radio
1 Peter 4:11
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jan Wieck | 2002-08-26 18:42:26 | Re: LIMIT 1 FOR UPDATE or FOR UPDATE LIMIT 1? |
| Previous Message | Tom Lane | 2002-08-26 18:37:47 | contrib/ intarray, ltree, intagg broken(?) by array changes |