[plt-scheme] Re: eq and hashing
On Fri, 30 May 2003, Jerzy Karczmarczuk wrote:
> >>On Thu, 29 May 2003, Matthew Flatt wrote:
> >>
> >>... we cannot protect against malicious programs, otherwise the
> >>programming language would become too weak to be useful in practice.
> >
> >
> > To be clear, I have in mind the kind of protection that Unix provides
> > against malicious processes. ...
>
>
> >>It is not hard to write a simple program
> >>which tries to allocate infinite list, practically blocking other
> >>processes.
> >
> >
> > That is a problem in the default configuration of PLT Scheme. But if
> > you configure with --enable-account when building from source, then
> > it's possible to thwart such attacks using `custodian-limit-memory'.
>
> I have a philosophical question, Gentlemen.
> Why do you call such programs "malicious"?
>
> For me they are simply stupid. In the worst case. Typically they are
> erroneous programs. Now, can any system or language processor protect
> itself against errors?...
> Of course the *resource* protection is necessary in all cases, including
> correct programs, but this is a job for Civil Lawyers and Commerce Chambers,
> not for the Crime Prevention Departments...
Generally I agree with you. I do not like to fight against such
programs. But... we have a laboratory in concurrent programming
on Linux. Students learn to use IPC mechanisms like semaphores,
messages etc. When a program crashes, all open files are closed.
But IPC mechanisms should also be deleted and they are not. They
stay in /tmp until their number reaches the limit.
We cannot blame students for crashing programs --- they learn so
we cannot call them "stupid" and we LEARNED to clean /tmp often.
But someone could consciously exploit this for perverse fun.
Then I would call such a program "malicious" --- just the question
of intentions.
OK, I am afraid philosophy is not my good side, but that's the idea.
Zbyszek Jurkiewicz
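
The leftover-IPC behaviour described in the reply above, as an added example that is not part of the original message: a child process creates a semaphore set and crashes, and the parent confirms that the set is still there before removing it with `IPC_RMID`. It assumes System V semaphores on Linux; the key `DEMO_KEY` and all function names are constructed for the demonstration.

```c
#include <errno.h>
#include <stdlib.h>
#include <sys/ipc.h>
#include <sys/sem.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Constructed key for this demo; a real program would derive one with ftok(). */
#define DEMO_KEY ((key_t)0x5a4a2003)

/* Child creates a semaphore set, then dies abnormally without cleaning up. */
static int crash_after_create(void) {
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        if (semget(DEMO_KEY, 1, IPC_CREAT | IPC_EXCL | 0600) < 0) _exit(1);
        abort();                      /* simulated crash: no cleanup code runs */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFSIGNALED(status) ? 0 : -1;
}

/* Returns 1 if the set still exists, 0 if it does not, -1 on other errors. */
static int sem_exists(void) {
    if (semget(DEMO_KEY, 0, 0) >= 0) return 1;
    return errno == ENOENT ? 0 : -1;
}

/* Remove the leftover set; returns 0 on success. */
static int sem_remove(void) {
    int id = semget(DEMO_KEY, 0, 0);
    if (id < 0) return -1;
    return semctl(id, 0, IPC_RMID);
}

/* Runs the whole scenario: returns 1 if the set leaked and was cleaned up. */
int demo_leak_and_cleanup(void) {
    if (sem_exists() == 1) sem_remove();   /* clear a previous run's leftover */
    if (crash_after_create() != 0) return 0;
    int leaked = sem_exists();             /* 1: object outlived its creator */
    if (leaked == 1 && sem_remove() != 0) return 0;
    return leaked == 1 && sem_exists() == 0;
}

int main(void) { return demo_leak_and_cleanup() ? 0 : 1; }
```

Unlike open files, the semaphore set is not tied to the lifetime of the process that created it, so it persists until something calls `IPC_RMID` on it or the system reboots.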