Bodo Moeller wrote: > On Wed, Aug 14, 2002 at 01:24:32PM +0300, Arne Ansper wrote: > > >>[...] what if some standalone application thinks that the >>best solution for _its own_ problems is to reboot the machine? (happens >>all the time under the windows btw, you install some crap and the >>installer happily reboots your system). for me it's not different if some >>library thinks that the best solution for _its own_ problems is to kill >>the application. the application must have a control. > > > Exactly.
If you want to do this, wrap the application and do the reboot in the wrapper. >> if the internal >>error (it would be correct to call them bugs, btw) happens > > > When in internal error happens, this is because of a bug, but the > internal error is not the bug. A bug is a property, not an event. > > >> application >>must get this information and then it's up to the application to deal with >>it. if it's simple commandline tool it can call abort by itself. if its >>complex application it might unload the openssl and reload it later. or >>save its state and restart. only application knows what the right thing to >>do is. > > > Also only if the application sees an error message, it has the > opportunity to write this message to a logfile. With 'abort()', all > you know is that the program is no longer running, but you usually > have no idea why this happened. Writing the message to a logfile via a BIO, for example, which would use function pointers, which is how Neohapsis exploited the SSL bug? Once memory is (potentially) corrupt, it isn't safe to do _anything_. Incidentally, abort() coredumps, so you know far more than if all you did was write some error message to some file. Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ Available for contract work. "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
