D - Unsafe and doomed

H. S. Teoh hsteoh at quickfur.ath.cx
Sun Jan 5 07:17:41 PST 2014


On Sun, Jan 05, 2014 at 07:51:31AM +0000, digitalmars-d-bounces at puremagic.com wrote:
> On Sunday, 5 January 2014 at 00:05:46 UTC, Walter Bright wrote:
> >On 1/4/2014 3:04 PM, deadalnix wrote:
> >>Because it is an instant crash,
> >
> >Would things going on and a random thing happening randomly later
> >be better?
> 
> In a web-service server it is desirable to trap the SIGSEGV so that
> an appropriate http status can be returned before going down
> (telling the client to not do that again).

Isn't that usually handled by running the webserver itself as a separate
process, so that when the child segfaults the parent returns HTTP 501?
Trusting the faulty process to return a sane status sounds rather risky
to me (how do you know somebody didn't specially craft an attack to dump
the contents of /etc/passwd to stdout, which gets redirected over the
HTTP link? I'd rather the process segfault immediately rather than
continuing to run when it detected an obvious logic problem with its own
code).


T

-- 
Almost all proofs have bugs, but almost all theorems are true. -- Paul Pedersen
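
The arrangement this message describes, as an added example that is not part of the original post: a parent forks a worker per request, buffers the worker's output, and chooses the HTTP status itself, discarding anything a faulted worker wrote. The names `worker` and `serve`, the request strings, and the 200/500 status codes are assumptions of this example.

```c
#include <signal.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical worker: writes a partial reply, then faults on the constructed
 * request "crash". raise() stands in for a real invalid memory access. */
static void worker(const char *req, int out)
{
    signal(SIGSEGV, SIG_DFL);          /* no handler: die on the spot */
    if (write(out, "partial ", 8) != 8) _exit(1);
    if (strcmp(req, "crash") == 0)
        raise(SIGSEGV);
    if (write(out, "reply", 5) != 5) _exit(1);
    _exit(0);
}

/* Parent: buffer the worker's output and decide the status itself.
 * Returns the HTTP status; body keeps output only from a clean exit. */
int serve(const char *req, char *body, size_t cap)
{
    int fd[2], st;
    size_t len = 0;
    ssize_t n;
    pid_t pid;

    if (cap == 0 || pipe(fd) < 0)
        return 500;
    body[0] = '\0';
    pid = fork();
    if (pid < 0) { close(fd[0]); close(fd[1]); return 500; }
    if (pid == 0) {                    /* child: only the write end */
        close(fd[0]);
        worker(req, fd[1]);
    }
    close(fd[1]);                      /* parent: only the read end */
    while (len < cap - 1 && (n = read(fd[0], body + len, cap - 1 - len)) > 0)
        len += (size_t)n;
    close(fd[0]);
    body[len] = '\0';
    if (waitpid(pid, &st, 0) < 0 || !WIFEXITED(st) || WEXITSTATUS(st) != 0) {
        body[0] = '\0';                /* drop whatever the faulted worker emitted */
        return 500;
    }
    return 200;
}
```

Nothing the worker writes reaches the client until the parent has seen a clean exit, so a fault after partial output yields an empty body and the parent's own status.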
