Re: [logs] syslog TCP discussion

From: Darren Reed (avalonat_private)
Date: Tue Jan 21 2003 - 20:29:46 PST

    In some mail from Bennett Todd, sie said:
    > 2003-01-07T14:46:57 Bennett Todd:
    > > There are several arguments in favour of a tagged format as opposed
    > > to XML: [...]
    > > - we don't need the full expressiveness of XML, it's dangerous to
    > >   allow it
    > 
    > Unless I'm badly misreading this report, the attached is an
    > example of this exact class of problem --- a full XML parser
    > deployed where its full power isn't needed, and an unintended
    > consequence of some of that power rearing up and biting.
    > 
    > -Bennett
    
    You can read "tea leaves" to mean anything you want, especially
    if you are allowed to choose which cup you want to look at them
    in.
    
    I could say that it's stupid to implement any code that needs
    to run securely in C because it's so prone to bugs (just look
    at all the C apps with problems in bugtraq) vs Java where there
    are hardly any - except for the JVM, but what's that written in ? :)
    
    And so it goes on.
    
    Software is buggy and that's a fact of life we seem to be unfortunately
    stuck with.  A bug here or there should not be perceived as anything
    more than "the odd bug."
    
    IMHO, we should strive to define and agree on something that is
    firstly of most benefit to everyone and secondly follows the KISS
    principle so that it is easy to get right and hence less likely
    to be troubled by security issues in its implementation.
    
    Does XML follow the KISS principle ?  Depends on how you look at it.
    From our documentation perspective, all we need to do is say "XML
    is used for blah" rather than define our own tagged format, build
    parsers, etc.  Can XML be complex ?  Without a doubt, yes.  Can
    users benefit from that immediately ?  Yes.  Do we have to keep
    reinventing the wheel ?
    
    Darren
    _______________________________________________
    LogAnalysis mailing list
    LogAnalysisat_private
    http://lists.shmoo.com/mailman/listinfo/loganalysis
    