Front page | perl.perl5.porters |
Postings from July 2001
On Thu, Jul 19, 2001 at 05:03:39PM -0700, Jeffrey Friedl wrote: > Since you can unclamp (or declamp, or whatever) something, it doesn't > provide security or anything. Iff you do go down the path of using multiple bits for clamped hashes, why not specify a "don't unclamp" bit: 000 - regular hash 001 - clamped hash, don't barf on undefined keys 011 - clamped hash, barf on undefined keys 101 - clamped hash, don't barf, don't unclamp 111 - clamped hash, barf, don't unclamp The "don't unclamp" bit doesn't guarantee any security (it can be trivially unset after all), but it does alert users of a clamped hash that someone somewhere *reeelly* wants this hash to be clamped, and you're a naughty programmer if you unclamp it. (And you need one extra step before an unclamp operation.) All of this of course presumes that 3 bits are available for marking clamped hashes, and that registering intent such as this is desirable. Z.Thread Previous | Thread Next