[linux-elitists] Pompous Top 10 List

Don Marti dmarti@zgp.org
Thu Jun 7 13:59:47 PDT 2001

begin Seth David Schoen quotation of Thu, Jun 07, 2001 at 01:13:08PM -0700:

> > the Model Rocketry Safety Code of Host-based Security
> That would be fun to write.
> Here's the starting point:
> http://www.nar.org/NARmrsc.html
> "I will use only network-layer routers in operating networks for the
> benefit of other users, unless they have specifically requested
> otherwise.  I will not attempt to modify the payload of any packet
> from the design originally specified by the user's client software.
> I will not interpret users' communications at a higher protocol
> level."
> "I will discard all packets with an invalid source or destination
> address, but I will never discard a packet merely because I do not
> understand a protocol it contains."

Misfires: When testing any new program that makes outgoing
connections to other hosts, I will notify the responsible persons,
remain available to answer their questions, and promptly stop it
from connecting to their hosts if they ask.

Launch Safety:  I will check for outstanding security updates before
starting a network service.  While running a network service, I will
take reasonable measures to inform myself about security-related
updates, and apply them promptly.  If unable to continue doing so,
I will disable the network service.

Size:  I will observe the slow start and congestion avoidance
algorithms as described in RFC 2581, unless I obtain permission
from the person responsible for the host at the other end of the
TCP connection.

