Bugtraq mailing list archives
Re: EMERGENCY: new remote root exploit in UW imapd
From: Bill_Royds () PCH GC CA (Bill Royds)
Date: Wed, 29 Jul 1998 15:02:14 -0400
"D. J. Bernstein" <djb () CR YP TO> wrote To: BUGTRAQ () NETSPACE ORG Subject: Re: EMERGENCY: new remote root exploit in UW imapd Here's an example of the Dijkstra phenomenon. <snip> der Mouse writes: > modular code usually ends up being slower There are three misconceptions here. Misconception #1 is that modularization means moving common code into subroutines. In fact, modularization need not have any effect on the compiled program, thanks to macros, inline code, etc. Subroutines are convenient but not required. Misconception #2 is that moving common code into subroutines imposes a speed penalty. In fact, procedure-call overhead is wiped out by cache effects in any subroutine that does more than a little bit of work. Misconception #3 is that speed is something programmers should consider along with security, verifiability, etc. In fact, the computer spends almost all of its time executing an amazingly small amount of code. For most programmers, speed simply doesn't matter. Actually modular code (even subroutine calls) often is much faster because most compilers and most harware architectures take advantage of locality of reference. An optimizing compiler can only eliminate common sub-expressions that can be shown to have no intervening branches. a modular subroutine is less likely to have thes. I once toaught a computer science course where the question of speed as a design crterion arose. When the class discusssed it we came to the conculsion that a program that gave a wrong answer was never fast. Correctness, maintainability, security, flexibility are all more important than flat out speed. Speed is important when it is part of correctness, that is a response is needed fast enough to avoid time outs to not delay the humans using the computer etc. But this is a consequence of the other criteria, not one in itself.
Current thread:
- Security Bulletins Digest, (continued)
- Security Bulletins Digest vtmue () HEAVEN RUF UNI-FREIBURG DE (Jul 23)
- Apache 1.3.1 Released! Aleph One (Jul 23)
- Re: EMERGENCY: new remote root exploit in UW imapd Alex Le Heux (Jul 22)
- Re: EMERGENCY: new remote root exploit in UW imapd D. J. Bernstein (Jul 28)
- Re: EMERGENCY: new remote root exploit in UW imapd der Mouse (Jul 28)
- Object tag crashes Internet Explorer 4.0 Georgi Guninski (Jul 28)
- Re: Object tag crashes Internet Explorer 4.0 Matt Rose (Jul 29)
- Re: EMERGENCY: new remote root exploit in UW imapd David Schwartz (Jul 28)
- Re: EMERGENCY: new remote root exploit in UW imapd Kragen (Jul 29)
- Object tag crashes Internet Explorer 4.0 Georgi Guninski (Jul 28)
- Re: EMERGENCY: new remote root exploit in UW imapd D. J. Bernstein (Jul 29)
- Re: EMERGENCY: new remote root exploit in UW imapd Bill Royds (Jul 29)